Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2023-48795 (GCVE-0-2023-48795)
Vulnerability from cvelistv5 – Published: 2023-12-18 00:00 – Updated: 2026-05-12 11:02
VLAI
EPSS
Summary
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.
Severity
5.9 (Medium)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-354 - Improper Validation of Integrity Check Value
Assigner
References
139 references
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| Siemens | RUGGEDCOM APE1808 |
Affected:
0 , < *
(custom)
|
|
| Siemens | SIMATIC S7-1500 CPU 1518-4 PN/DP MFP |
Affected:
V3.1.5 , < *
(custom)
|
|
| Siemens | SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP |
Affected:
V3.1.5 , < *
(custom)
|
|
| Siemens | SIPLUS S7-1500 CPU 1518-4 PN/DP MFP |
Affected:
V3.1.5 , < *
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T22:05:21.417Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.vicarius.io/vsociety/posts/cve-2023-48795-detect-openssh-vulnerabilit"
},
{
"url": "https://www.vicarius.io/vsociety/posts/cve-2023-48795-mitigate-openssh-vulnerability"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://matt.ucc.asn.au/dropbear/CHANGES"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.netsarang.com/en/xshell-update-history/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.paramiko.org/changelog.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openssh.com/openbsd.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/openssh/openssh-portable/commits/master"
},
{
"tags": [
"x_transferred"
],
"url": "https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.bitvise.com/ssh-server-version-history"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/ronf/asyncssh/tags"
},
{
"tags": [
"x_transferred"
],
"url": "https://gitlab.com/libssh/libssh-mirror/-/tags"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openssh.com/txt/release-9.6"
},
{
"tags": [
"x_transferred"
],
"url": "https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.terrapin-attack.com"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst"
},
{
"tags": [
"x_transferred"
],
"url": "https://thorntech.com/cve-2023-48795-and-sftp-gateway/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/warp-tech/russh/releases/tag/v0.40.2"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2023/12/18/2"
},
{
"tags": [
"x_transferred"
],
"url": "https://twitter.com/TrueSkrillor/status/1736774389725565005"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/paramiko/paramiko/issues/2337"
},
{
"tags": [
"x_transferred"
],
"url": "https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=38684904"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=38685286"
},
{
"name": "[oss-security] 20231218 CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/18/3"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/mwiede/jsch/issues/457"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10\u0026id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/erlang/otp/releases/tag/OTP-26.2.1"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/advisories/GHSA-45x7-px36-x8w8"
},
{
"tags": [
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/source-package/libssh2"
},
{
"tags": [
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg"
},
{
"tags": [
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2023-48795"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1217950"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugs.gentoo.org/920280"
},
{
"tags": [
"x_transferred"
],
"url": "https://ubuntu.com/security/CVE-2023-48795"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/"
},
{
"tags": [
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2023-48795"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/mwiede/jsch/pull/461"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/drakkan/sftpgo/releases/tag/v2.5.6"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/libssh2/libssh2/pull/1291"
},
{
"tags": [
"x_transferred"
],
"url": "https://forum.netgate.com/topic/184941/terrapin-ssh-attack"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/rapier1/hpn-ssh/releases"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/proftpd/proftpd/issues/456"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/TeraTermProject/teraterm/releases/tag/v5.1"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15"
},
{
"tags": [
"x_transferred"
],
"url": "https://oryx-embedded.com/download/#changelog"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3"
},
{
"tags": [
"x_transferred"
],
"url": "https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC"
},
{
"tags": [
"x_transferred"
],
"url": "https://crates.io/crates/thrussh/versions"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/NixOS/nixpkgs/pull/275249"
},
{
"name": "[oss-security] 20231219 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/19/5"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc"
},
{
"tags": [
"x_transferred"
],
"url": "https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/"
},
{
"name": "[oss-security] 20231220 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/20/3"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/mina-sshd/issues/445"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/hierynomus/sshj/issues/916"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/janmojzis/tinyssh/issues/81"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2023/12/20/3"
},
{
"tags": [
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/source-package/trilead-ssh2"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16"
},
{
"name": "FEDORA-2023-0733306be9",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/"
},
{
"name": "DSA-5586",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5586"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.theregister.com/2023/12/20/terrapin_attack_ssh"
},
{
"tags": [
"x_transferred"
],
"url": "https://filezilla-project.org/versions.php"
},
{
"tags": [
"x_transferred"
],
"url": "https://nova.app/releases/#v11.8"
},
{
"tags": [
"x_transferred"
],
"url": "https://roumenpetrov.info/secsh/#news20231220"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.vandyke.com/products/securecrt/history.txt"
},
{
"tags": [
"x_transferred"
],
"url": "https://help.panic.com/releasenotes/transmit5/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/PowerShell/Win32-OpenSSH/issues/2189"
},
{
"tags": [
"x_transferred"
],
"url": "https://winscp.net/eng/docs/history#6.2.2"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.bitvise.com/ssh-client-version-history#933"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/cyd01/KiTTY/issues/520"
},
{
"name": "DSA-5588",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5588"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/ssh-mitm/ssh-mitm/issues/165"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=38732005"
},
{
"name": "[debian-lts-announce] 20231226 [SECURITY] [DLA 3694-1] openssh security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html"
},
{
"name": "GLSA-202312-16",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202312-16"
},
{
"name": "GLSA-202312-17",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202312-17"
},
{
"name": "FEDORA-2023-20feb865d8",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/"
},
{
"name": "FEDORA-2023-cb8c606fbb",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/"
},
{
"name": "FEDORA-2023-e77300e4b5",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/"
},
{
"name": "FEDORA-2023-b87ec6cf47",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/"
},
{
"name": "FEDORA-2023-153404713b",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240105-0004/"
},
{
"name": "FEDORA-2024-3bb23c77f3",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/"
},
{
"name": "FEDORA-2023-55800423a8",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/"
},
{
"name": "FEDORA-2024-d946b9ad25",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/"
},
{
"name": "FEDORA-2024-71c2c6526c",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/"
},
{
"name": "FEDORA-2024-39a8c72ea9",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/"
},
{
"tags": [
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002"
},
{
"name": "FEDORA-2024-ae653fb07b",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/"
},
{
"name": "FEDORA-2024-2705241461",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/"
},
{
"name": "FEDORA-2024-fb32950d11",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/"
},
{
"name": "FEDORA-2024-7b08207cdb",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/"
},
{
"name": "FEDORA-2024-06ebb70bdd",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/"
},
{
"name": "[debian-lts-announce] 20240125 [SECURITY] [DLA 3718-1] php-phpseclib security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html"
},
{
"name": "[debian-lts-announce] 20240125 [SECURITY] [DLA 3719-1] phpseclib security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html"
},
{
"name": "FEDORA-2024-a53b24023d",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/"
},
{
"name": "FEDORA-2024-3fd1bc9276",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT214084"
},
{
"name": "20240313 APPLE-SA-03-07-2024-2 macOS Sonoma 14.4",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Mar/21"
},
{
"name": "[debian-lts-announce] 20240425 [SECURITY] [DLA 3794-1] putty security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html"
},
{
"name": "[oss-security] 20240417 Terrapin vulnerability in Jenkins CLI client",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/17/8"
},
{
"name": "[oss-security] 20240306 Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/06/3"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00028.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/11/msg00032.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/09/msg00042.html"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-48795",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2023-12-22T05:01:05.519910Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-354",
"description": "CWE-354 Improper Validation of Integrity Check Value",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-27T20:45:57.733Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM APE1808",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T11:02:25.905Z",
"orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
"shortName": "siemens-SADP"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-794697.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-364175.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-915275.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-769027.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-082556.html"
}
],
"x_adpType": "supplier"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH\u0027s use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-01T18:06:23.972Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html"
},
{
"url": "https://matt.ucc.asn.au/dropbear/CHANGES"
},
{
"url": "https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES"
},
{
"url": "https://www.netsarang.com/en/xshell-update-history/"
},
{
"url": "https://www.paramiko.org/changelog.html"
},
{
"url": "https://www.openssh.com/openbsd.html"
},
{
"url": "https://github.com/openssh/openssh-portable/commits/master"
},
{
"url": "https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ"
},
{
"url": "https://www.bitvise.com/ssh-server-version-history"
},
{
"url": "https://github.com/ronf/asyncssh/tags"
},
{
"url": "https://gitlab.com/libssh/libssh-mirror/-/tags"
},
{
"url": "https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/"
},
{
"url": "https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42"
},
{
"url": "https://www.openssh.com/txt/release-9.6"
},
{
"url": "https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/"
},
{
"url": "https://www.terrapin-attack.com"
},
{
"url": "https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25"
},
{
"url": "https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst"
},
{
"url": "https://thorntech.com/cve-2023-48795-and-sftp-gateway/"
},
{
"url": "https://github.com/warp-tech/russh/releases/tag/v0.40.2"
},
{
"url": "https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0"
},
{
"url": "https://www.openwall.com/lists/oss-security/2023/12/18/2"
},
{
"url": "https://twitter.com/TrueSkrillor/status/1736774389725565005"
},
{
"url": "https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d"
},
{
"url": "https://github.com/paramiko/paramiko/issues/2337"
},
{
"url": "https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg"
},
{
"url": "https://news.ycombinator.com/item?id=38684904"
},
{
"url": "https://news.ycombinator.com/item?id=38685286"
},
{
"name": "[oss-security] 20231218 CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/18/3"
},
{
"url": "https://github.com/mwiede/jsch/issues/457"
},
{
"url": "https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10\u0026id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6"
},
{
"url": "https://github.com/erlang/otp/releases/tag/OTP-26.2.1"
},
{
"url": "https://github.com/advisories/GHSA-45x7-px36-x8w8"
},
{
"url": "https://security-tracker.debian.org/tracker/source-package/libssh2"
},
{
"url": "https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg"
},
{
"url": "https://security-tracker.debian.org/tracker/CVE-2023-48795"
},
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1217950"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
},
{
"url": "https://bugs.gentoo.org/920280"
},
{
"url": "https://ubuntu.com/security/CVE-2023-48795"
},
{
"url": "https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/"
},
{
"url": "https://access.redhat.com/security/cve/cve-2023-48795"
},
{
"url": "https://github.com/mwiede/jsch/pull/461"
},
{
"url": "https://github.com/drakkan/sftpgo/releases/tag/v2.5.6"
},
{
"url": "https://github.com/libssh2/libssh2/pull/1291"
},
{
"url": "https://forum.netgate.com/topic/184941/terrapin-ssh-attack"
},
{
"url": "https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5"
},
{
"url": "https://github.com/rapier1/hpn-ssh/releases"
},
{
"url": "https://github.com/proftpd/proftpd/issues/456"
},
{
"url": "https://github.com/TeraTermProject/teraterm/releases/tag/v5.1"
},
{
"url": "https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15"
},
{
"url": "https://oryx-embedded.com/download/#changelog"
},
{
"url": "https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update"
},
{
"url": "https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22"
},
{
"url": "https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab"
},
{
"url": "https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3"
},
{
"url": "https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC"
},
{
"url": "https://crates.io/crates/thrussh/versions"
},
{
"url": "https://github.com/NixOS/nixpkgs/pull/275249"
},
{
"name": "[oss-security] 20231219 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/19/5"
},
{
"url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc"
},
{
"url": "https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/"
},
{
"name": "[oss-security] 20231220 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/20/3"
},
{
"url": "http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html"
},
{
"url": "https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES"
},
{
"url": "https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES"
},
{
"url": "https://github.com/apache/mina-sshd/issues/445"
},
{
"url": "https://github.com/hierynomus/sshj/issues/916"
},
{
"url": "https://github.com/janmojzis/tinyssh/issues/81"
},
{
"url": "https://www.openwall.com/lists/oss-security/2023/12/20/3"
},
{
"url": "https://security-tracker.debian.org/tracker/source-package/trilead-ssh2"
},
{
"url": "https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16"
},
{
"name": "FEDORA-2023-0733306be9",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/"
},
{
"name": "DSA-5586",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5586"
},
{
"url": "https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508"
},
{
"url": "https://www.theregister.com/2023/12/20/terrapin_attack_ssh"
},
{
"url": "https://filezilla-project.org/versions.php"
},
{
"url": "https://nova.app/releases/#v11.8"
},
{
"url": "https://roumenpetrov.info/secsh/#news20231220"
},
{
"url": "https://www.vandyke.com/products/securecrt/history.txt"
},
{
"url": "https://help.panic.com/releasenotes/transmit5/"
},
{
"url": "https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta"
},
{
"url": "https://github.com/PowerShell/Win32-OpenSSH/issues/2189"
},
{
"url": "https://winscp.net/eng/docs/history#6.2.2"
},
{
"url": "https://www.bitvise.com/ssh-client-version-history#933"
},
{
"url": "https://github.com/cyd01/KiTTY/issues/520"
},
{
"name": "DSA-5588",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5588"
},
{
"url": "https://github.com/ssh-mitm/ssh-mitm/issues/165"
},
{
"url": "https://news.ycombinator.com/item?id=38732005"
},
{
"name": "[debian-lts-announce] 20231226 [SECURITY] [DLA 3694-1] openssh security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html"
},
{
"name": "GLSA-202312-16",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202312-16"
},
{
"name": "GLSA-202312-17",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202312-17"
},
{
"name": "FEDORA-2023-20feb865d8",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/"
},
{
"name": "FEDORA-2023-cb8c606fbb",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/"
},
{
"name": "FEDORA-2023-e77300e4b5",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/"
},
{
"name": "FEDORA-2023-b87ec6cf47",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/"
},
{
"name": "FEDORA-2023-153404713b",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240105-0004/"
},
{
"name": "FEDORA-2024-3bb23c77f3",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/"
},
{
"name": "FEDORA-2023-55800423a8",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/"
},
{
"name": "FEDORA-2024-d946b9ad25",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/"
},
{
"name": "FEDORA-2024-71c2c6526c",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/"
},
{
"name": "FEDORA-2024-39a8c72ea9",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/"
},
{
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002"
},
{
"name": "FEDORA-2024-ae653fb07b",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/"
},
{
"name": "FEDORA-2024-2705241461",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/"
},
{
"name": "FEDORA-2024-fb32950d11",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/"
},
{
"name": "FEDORA-2024-7b08207cdb",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/"
},
{
"name": "FEDORA-2024-06ebb70bdd",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/"
},
{
"name": "[debian-lts-announce] 20240125 [SECURITY] [DLA 3718-1] php-phpseclib security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html"
},
{
"name": "[debian-lts-announce] 20240125 [SECURITY] [DLA 3719-1] phpseclib security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html"
},
{
"name": "FEDORA-2024-a53b24023d",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/"
},
{
"name": "FEDORA-2024-3fd1bc9276",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/"
},
{
"url": "https://support.apple.com/kb/HT214084"
},
{
"name": "20240313 APPLE-SA-03-07-2024-2 macOS Sonoma 14.4",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2024/Mar/21"
},
{
"name": "[debian-lts-announce] 20240425 [SECURITY] [DLA 3794-1] putty security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html"
},
{
"name": "[oss-security] 20240417 Terrapin vulnerability in Jenkins CLI client",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/17/8"
},
{
"name": "[oss-security] 20240306 Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/06/3"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-48795",
"datePublished": "2023-12-18T00:00:00.000Z",
"dateReserved": "2023-11-20T00:00:00.000Z",
"dateUpdated": "2026-05-12T11:02:25.905Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2023-48795",
"date": "2026-06-27",
"epss": "0.93305",
"percentile": "0.99822"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"9.6\", \"matchCriteriaId\": \"5308FBBB-F738-41C5-97A4-E40118E957CD\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"0.80\", \"matchCriteriaId\": \"A9D807DB-9E20-4792-8A9F-4BFFC841BAB7\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:filezilla-project:filezilla_client:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.66.4\", \"matchCriteriaId\": \"42915485-A4DA-48DD-9C15-415D2D39DC52\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"11.1.0\", \"matchCriteriaId\": \"9F37C9AC-185F-403A-A79B-2D5C8E11AFC4\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"387021A0-AF36-463C-A605-32EA7DAC172E\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:panic:transmit_5:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"5.10.4\", \"matchCriteriaId\": \"31FFE0AA-FC25-40DE-8EE9-7F4C80ABDE4F\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"387021A0-AF36-463C-A605-32EA7DAC172E\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:panic:nova:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"11.8\", \"matchCriteriaId\": \"F2FCF7EF-97D7-44CF-AC74-72D856901755\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:roumenpetrov:pkixssh:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"14.4\", \"matchCriteriaId\": \"53CAD263-1C60-43BD-86A2-C8DB15FFB4C6\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:winscp:winscp:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"6.2.2\", \"matchCriteriaId\": \"8FA57F20-C9C1-40A7-B2CD-F3440CCF1D66\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bitvise:ssh_client:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"9.33\", \"matchCriteriaId\": \"6209E375-10C7-4E65-A2E7-455A686717AC\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bitvise:ssh_server:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"9.32\", \"matchCriteriaId\": \"1A05CC3C-19C5-4BAA-ABA2-EE1795E0BE81\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:lancom-systems:lcos:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"3.66.4\", \"matchCriteriaId\": \"3A71B523-0778-46C6-A38B-64452E0BB6E7\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:lancom-systems:lcos_fx:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F1C91308-15E5-40AF-B4D5-3CAD7BC65DDF\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:lancom-systems:lcos_lx:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"418940E3-6DD1-4AA6-846A-03E059D0C681\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:lancom-systems:lcos_sx:4.20:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"411BA58A-33B6-44CA-B9D6-7F9042D46961\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:lancom-systems:lcos_sx:5.20:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FA17A153-30E4-4731-8706-8F74FCA50993\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:lancom-systems:lanconfig:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FB736F57-9BE3-4457-A10E-FA88D0932154\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vandyke:securecrt:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"9.4.3\", \"matchCriteriaId\": \"6EB8D02D-87F3-414D-A3EA-43F594DAAC1B\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:libssh:libssh:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"0.10.6\", \"matchCriteriaId\": \"AAB481DA-FBFE-4CC2-9AE7-22025FA07494\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:net-ssh:net-ssh:7.2.0:*:*:*:*:ruby:*:*\", \"matchCriteriaId\": \"3D6FD459-F8E8-4126-8097-D30B4639404A\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ssh2_project:ssh2:*:*:*:*:*:node.js:*:*\", \"versionEndIncluding\": \"1.11.0\", \"matchCriteriaId\": \"69510F52-C699-4E7D-87EF-7000682888F0\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:proftpd:proftpd:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.3.8b\", \"matchCriteriaId\": \"9461430B-3709-45B6-8858-2101F5AE4481\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"12.4\", \"matchCriteriaId\": \"B9A01DF3-E20E-4F29-B5CF-DDF717D01E74\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:crates:thrussh:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"0.35.1\", \"matchCriteriaId\": \"D25EB73D-6145-4B7D-8F14-80FD0B458E99\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tera_term_project:tera_term:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"5.1\", \"matchCriteriaId\": \"77594DEC-B5F7-4911-A13D-FFE91C74BAFA\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oryx-embedded:cyclone_ssh:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.3.4\", \"matchCriteriaId\": \"F8FF7E74-2351-4CD9-B717-FA28893293A1\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:crushftp:crushftp:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"10.6.0\", \"matchCriteriaId\": \"82A93C12-FEB6-4E82-B283-0ED7820D807E\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netsarang:xshell_7:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"build__0144\", \"matchCriteriaId\": \"B480AE79-2FA1-4281-9F0D-0DE812B9354D\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:paramiko:paramiko:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.4.0\", \"matchCriteriaId\": \"826B6323-06F8-4B96-8771-3FA15A727B08\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"932D137F-528B-4526-9A89-CD59FA1AB0FE\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openstack_platform:16.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DCC81071-B46D-4F5D-AC25-B4A4CCC20C73\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openstack_platform:16.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4B3000D2-35DF-4A93-9FC0-1AD3AB8349B8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openstack_platform:17.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E315FC5C-FF19-43C9-A58A-CF2A5FF13824\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:ceph_storage:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FA7EAD12-E398-44AF-9859-F3CA6C63BA6B\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F4CFF558-3C47-480D-A2F0-BABF26042943\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7F6FB57C-2BC7-487C-96DD-132683AEB35D\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openshift_serverless:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"77675CB7-67D7-44E9-B7FF-D224B3341AA5\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openshift_gitops:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C0AAA300-691A-4957-8B69-F6888CC971B1\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openshift_pipelines:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"45937289-2D64-47CB-A750-5B4F0D4664A0\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openshift_developer_tools_and_services:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"97321212-0E07-4CC2-A917-7B5F61AB9A5A\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openshift_data_foundation:4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0E2C021C-A9F0-4EB4-ADED-81D8B57B4563\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openshift_api_for_data_protection:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7BF8EFFB-5686-4F28-A68F-1A8854E098CE\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openshift_virtualization:4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9C877879-B84B-471C-80CF-0656521CA8AB\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:storage:3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"379A5883-F6DF-41F5-9403-8D17F6605737\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:discovery:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B5B1D946-5978-4818-BF21-A43D9C1365E1\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openshift_dev_spaces:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"99B8A88B-0B31-4CFF-AFD7-C9D3DDD5790D\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:cert-manager_operator_for_red_hat_openshift:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6D5A7736-A403-4617-8790-18E46CB74DA6\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:keycloak:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6E0DE4E1-5D8D-40F3-8AC8-C7F736966158\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"88BF3B2C-B121-483A-AEF2-8082F6DA5310\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9EFEC7CA-8DDA-48A6-A7B6-1F1D14792890\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:advanced_cluster_security:3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F0FD736A-8730-446A-BA3A-7B608DB62B0E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:advanced_cluster_security:4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F4C504B6-3902-46E2-82B7-48AEC9CDD48D\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:golang:crypto:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"0.17.0\", \"matchCriteriaId\": \"F92E56DF-98DF-4328-B37E-4D5744E4103D\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:russh_project:russh:*:*:*:*:*:rust:*:*\", \"versionEndExcluding\": \"0.40.2\", \"matchCriteriaId\": \"AC12508E-3C31-44EA-B4F3-29316BE9B189\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sftpgo_project:sftpgo:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.5.6\", \"matchCriteriaId\": \"1750028C-698D-4E84-B727-8A155A46ADEB\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:erlang:erlang\\\\/otp:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"26.2.1\", \"matchCriteriaId\": \"3A9A8E99-7F4A-4B74-B86B-8B3E8B2A8776\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:matez:jsch:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"0.2.15\", \"matchCriteriaId\": \"61119DB3-4336-4D3B-863A-0CCF4146E5C1\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:libssh2:libssh2:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.11.1\", \"matchCriteriaId\": \"7BFDD272-3DF0-4E3F-B69A-E7ABF4B18B24\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:asyncssh_project:asyncssh:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.14.2\", \"matchCriteriaId\": \"FAE46983-0ABC-49F7-AC18-A78FAC7E73AA\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:dropbear_ssh_project:dropbear_ssh:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2022.83\", \"matchCriteriaId\": \"06BF3368-F232-4E6B-883E-A591EED5C827\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jadaptive:maverick_synergy_java_ssh_api:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.1.0-snapshot\", \"matchCriteriaId\": \"36531FB6-5682-4BF1-9785-E9D6D1C4207B\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ssh:ssh:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"5.11\", \"matchCriteriaId\": \"514ED687-0D7B-479B-82C5-7EB1A5EEC94C\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:thorntech:sftp_gateway_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.4.6\", \"matchCriteriaId\": \"83B1AF39-C0B9-4031-B19A-BDDD4F337273\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netgate:pfsense_plus:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"23.09.1\", \"matchCriteriaId\": \"2B71B0EF-888E-45E2-A055-F59CDCC1AFC7\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netgate:pfsense_ce:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.7.2\", \"matchCriteriaId\": \"8F23CDF7-2881-4B4E-B84F-4E04F4ED8CCF\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:crushftp:crushftp:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"10.6.0\", \"matchCriteriaId\": \"C1795F7A-203F-400E-B09C-0FAF16D01CFC\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:connectbot:sshlib:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.2.22\", \"matchCriteriaId\": \"0D79DDDD-02F0-4C12-BE7F-1B9DF1722C7A\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:sshd:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.11.0\", \"matchCriteriaId\": \"E2D7B0CA-C01F-4296-9425-48299E3889C5\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:sshj:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"0.37.0\", \"matchCriteriaId\": \"1C3EB0B8-9E76-4146-AB02-02E20B91D55C\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tinyssh:tinyssh:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"20230101\", \"matchCriteriaId\": \"0582468A-149B-429F-978A-2AEDF4BE2606\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trilead:ssh2:6401:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7E4BAF06-5A79-46D7-8C4F-E670BD6B7C2D\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:9bis:kitty:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"0.76.1.13\", \"matchCriteriaId\": \"98321BF9-5E8F-4836-842C-47713B1C2775\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gentoo:security:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"76BDAFDE-4515-42E6-820F-38AF4A786CF2\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:debian:debian_linux:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5920923E-0D52-44E5-801D-10B82846ED58\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CC559B26-5DFC-4B7A-A27C-B77DE755DFF9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.0\", \"versionEndExcluding\": \"14.4\", \"matchCriteriaId\": \"73160D1F-755B-46D2-969F-DF8E43BB1099\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH\u0027s use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.\"}, {\"lang\": \"es\", \"value\": \"El protocolo de transporte SSH con ciertas extensiones OpenSSH, que se encuentra en OpenSSH anterior a 9.6 y otros productos, permite a atacantes remotos eludir las comprobaciones de integridad de modo que algunos paquetes se omiten (del mensaje de negociaci\\u00f3n de extensi\\u00f3n) y, en consecuencia, un cliente y un servidor pueden terminar con una conexi\\u00f3n para la cual algunas caracter\\u00edsticas de seguridad han sido degradadas o deshabilitadas, tambi\\u00e9n conocido como un ataque Terrapin. Esto ocurre porque SSH Binary Packet Protocol (BPP), implementado por estas extensiones, maneja mal la fase de protocolo de enlace y el uso de n\\u00fameros de secuencia. Por ejemplo, existe un ataque eficaz contra ChaCha20-Poly1305 (y CBC con Encrypt-then-MAC). La omisi\\u00f3n se produce en chacha20-poly1305@openssh.com y (si se utiliza CBC) en los algoritmos MAC -etm@openssh.com. Esto tambi\\u00e9n afecta a Maverick Synergy Java SSH API anterior a 3.1.0-SNAPSHOT, Dropbear hasta 2022.83, Ssh anterior a 5.1.1 en Erlang/OTP, PuTTY anterior a 0.80 y AsyncSSH anterior a 2.14.2; y podr\\u00eda haber efectos en Bitvise SSH hasta la versi\\u00f3n 9.31, libssh hasta la 0.10.5 y golang.org/x/crypto hasta el 17 de diciembre de 2023.\"}]",
"id": "CVE-2023-48795",
"lastModified": "2024-12-02T14:54:27.177",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N\", \"baseScore\": 5.9, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.2, \"impactScore\": 3.6}]}",
"published": "2023-12-18T16:15:10.897",
"references": "[{\"url\": \"http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2024/Mar/21\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/12/18/3\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/12/19/5\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/12/20/3\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Mitigation\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/03/06/3\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/04/17/8\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://access.redhat.com/security/cve/cve-2023-48795\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Press/Media Coverage\"]}, {\"url\": \"https://bugs.gentoo.org/920280\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2254210\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://bugzilla.suse.com/show_bug.cgi?id=1217950\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://crates.io/crates/thrussh/versions\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://filezilla-project.org/versions.php\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://forum.netgate.com/topic/184941/terrapin-ssh-attack\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10\u0026id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/NixOS/nixpkgs/pull/275249\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://github.com/PowerShell/Win32-OpenSSH/issues/2189\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/TeraTermProject/teraterm/releases/tag/v5.1\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://github.com/advisories/GHSA-45x7-px36-x8w8\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/apache/mina-sshd/issues/445\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/cyd01/KiTTY/issues/520\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/drakkan/sftpgo/releases/tag/v2.5.6\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/erlang/otp/releases/tag/OTP-26.2.1\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/hierynomus/sshj/issues/916\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/janmojzis/tinyssh/issues/81\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/libssh2/libssh2/pull/1291\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mitigation\"]}, {\"url\": \"https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15\", \"source\": \"cve@mitre.org\", \"tags\": [\"Product\"]}, {\"url\": \"https://github.com/mwiede/jsch/issues/457\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/mwiede/jsch/pull/461\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/openssh/openssh-portable/commits/master\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/paramiko/paramiko/issues/2337\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://github.com/proftpd/proftpd/issues/456\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/rapier1/hpn-ssh/releases\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://github.com/ronf/asyncssh/tags\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://github.com/ssh-mitm/ssh-mitm/issues/165\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/warp-tech/russh/releases/tag/v0.40.2\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://gitlab.com/libssh/libssh-mirror/-/tags\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://help.panic.com/releasenotes/transmit5/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Press/Media Coverage\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://matt.ucc.asn.au/dropbear/CHANGES\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"https://news.ycombinator.com/item?id=38684904\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://news.ycombinator.com/item?id=38685286\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://news.ycombinator.com/item?id=38732005\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://nova.app/releases/#v11.8\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://oryx-embedded.com/download/#changelog\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://roumenpetrov.info/secsh/#news20231220\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://security-tracker.debian.org/tracker/CVE-2023-48795\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://security-tracker.debian.org/tracker/source-package/libssh2\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://security-tracker.debian.org/tracker/source-package/trilead-ssh2\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://security.gentoo.org/glsa/202312-16\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/202312-17\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240105-0004/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://support.apple.com/kb/HT214084\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://thorntech.com/cve-2023-48795-and-sftp-gateway/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://twitter.com/TrueSkrillor/status/1736774389725565005\", \"source\": \"cve@mitre.org\", \"tags\": [\"Press/Media Coverage\"]}, {\"url\": \"https://ubuntu.com/security/CVE-2023-48795\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://winscp.net/eng/docs/history#6.2.2\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://www.bitvise.com/ssh-client-version-history#933\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://www.bitvise.com/ssh-server-version-history\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5586\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5588\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.netsarang.com/en/xshell-update-history/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://www.openssh.com/openbsd.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://www.openssh.com/txt/release-9.6\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://www.openwall.com/lists/oss-security/2023/12/18/2\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://www.openwall.com/lists/oss-security/2023/12/20/3\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Mitigation\"]}, {\"url\": \"https://www.paramiko.org/changelog.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Press/Media Coverage\"]}, {\"url\": \"https://www.terrapin-attack.com\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\"]}, {\"url\": \"https://www.theregister.com/2023/12/20/terrapin_attack_ssh\", \"source\": \"cve@mitre.org\", \"tags\": [\"Press/Media Coverage\"]}, {\"url\": \"https://www.vandyke.com/products/securecrt/history.txt\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\"]}, {\"url\": \"http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2024/Mar/21\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/12/18/3\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/12/19/5\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/12/20/3\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Mitigation\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/03/06/3\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/04/17/8\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://access.redhat.com/security/cve/cve-2023-48795\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Press/Media Coverage\"]}, {\"url\": \"https://bugs.gentoo.org/920280\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2254210\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://bugzilla.suse.com/show_bug.cgi?id=1217950\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://crates.io/crates/thrussh/versions\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://filezilla-project.org/versions.php\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://forum.netgate.com/topic/184941/terrapin-ssh-attack\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10\u0026id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/NixOS/nixpkgs/pull/275249\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://github.com/PowerShell/Win32-OpenSSH/issues/2189\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/TeraTermProject/teraterm/releases/tag/v5.1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://github.com/advisories/GHSA-45x7-px36-x8w8\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/apache/mina-sshd/issues/445\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/cyd01/KiTTY/issues/520\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/drakkan/sftpgo/releases/tag/v2.5.6\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/erlang/otp/releases/tag/OTP-26.2.1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/hierynomus/sshj/issues/916\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/janmojzis/tinyssh/issues/81\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/libssh2/libssh2/pull/1291\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mitigation\"]}, {\"url\": \"https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Product\"]}, {\"url\": \"https://github.com/mwiede/jsch/issues/457\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/mwiede/jsch/pull/461\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/openssh/openssh-portable/commits/master\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/paramiko/paramiko/issues/2337\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://github.com/proftpd/proftpd/issues/456\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/rapier1/hpn-ssh/releases\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://github.com/ronf/asyncssh/tags\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://github.com/ssh-mitm/ssh-mitm/issues/165\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/warp-tech/russh/releases/tag/v0.40.2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://gitlab.com/libssh/libssh-mirror/-/tags\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://help.panic.com/releasenotes/transmit5/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Press/Media Coverage\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://matt.ucc.asn.au/dropbear/CHANGES\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://news.ycombinator.com/item?id=38684904\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://news.ycombinator.com/item?id=38685286\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://news.ycombinator.com/item?id=38732005\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://nova.app/releases/#v11.8\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://oryx-embedded.com/download/#changelog\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://roumenpetrov.info/secsh/#news20231220\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://security-tracker.debian.org/tracker/CVE-2023-48795\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://security-tracker.debian.org/tracker/source-package/libssh2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://security-tracker.debian.org/tracker/source-package/trilead-ssh2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://security.gentoo.org/glsa/202312-16\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/202312-17\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240105-0004/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://support.apple.com/kb/HT214084\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://thorntech.com/cve-2023-48795-and-sftp-gateway/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://twitter.com/TrueSkrillor/status/1736774389725565005\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Press/Media Coverage\"]}, {\"url\": \"https://ubuntu.com/security/CVE-2023-48795\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://winscp.net/eng/docs/history#6.2.2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://www.bitvise.com/ssh-client-version-history#933\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://www.bitvise.com/ssh-server-version-history\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5586\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5588\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.netsarang.com/en/xshell-update-history/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://www.openssh.com/openbsd.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://www.openssh.com/txt/release-9.6\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://www.openwall.com/lists/oss-security/2023/12/18/2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://www.openwall.com/lists/oss-security/2023/12/20/3\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Mitigation\"]}, {\"url\": \"https://www.paramiko.org/changelog.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Press/Media Coverage\"]}, {\"url\": \"https://www.terrapin-attack.com\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"https://www.theregister.com/2023/12/20/terrapin_attack_ssh\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Press/Media Coverage\"]}, {\"url\": \"https://www.vandyke.com/products/securecrt/history.txt\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\"]}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-354\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-48795\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2023-12-18T16:15:10.897\",\"lastModified\":\"2026-06-17T06:34:59.200\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH\u0027s use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.\"},{\"lang\":\"es\",\"value\":\"El protocolo de transporte SSH con ciertas extensiones OpenSSH, que se encuentra en OpenSSH anterior a 9.6 y otros productos, permite a atacantes remotos eludir las comprobaciones de integridad de modo que algunos paquetes se omiten (del mensaje de negociaci\u00f3n de extensi\u00f3n) y, en consecuencia, un cliente y un servidor pueden terminar con una conexi\u00f3n para la cual algunas caracter\u00edsticas de seguridad han sido degradadas o deshabilitadas, tambi\u00e9n conocido como un ataque Terrapin. Esto ocurre porque SSH Binary Packet Protocol (BPP), implementado por estas extensiones, maneja mal la fase de protocolo de enlace y el uso de n\u00fameros de secuencia. Por ejemplo, existe un ataque eficaz contra ChaCha20-Poly1305 (y CBC con Encrypt-then-MAC). La omisi\u00f3n se produce en chacha20-poly1305@openssh.com y (si se utiliza CBC) en los algoritmos MAC -etm@openssh.com. Esto tambi\u00e9n afecta a Maverick Synergy Java SSH API anterior a 3.1.0-SNAPSHOT, Dropbear hasta 2022.83, Ssh anterior a 5.1.1 en Erlang/OTP, PuTTY anterior a 0.80 y AsyncSSH anterior a 2.14.2; y podr\u00eda haber efectos en Bitvise SSH hasta la versi\u00f3n 9.31, libssh hasta la 0.10.5 y golang.org/x/crypto hasta el 17 de diciembre de 2023.\"}],\"affected\":[{\"source\":\"cve@mitre.org\",\"affectedData\":[{\"vendor\":\"n/a\",\"product\":\"n/a\",\"versions\":[{\"version\":\"n/a\",\"status\":\"affected\"}]}]},{\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\",\"affectedData\":[{\"vendor\":\"Siemens\",\"product\":\"RUGGEDCOM APE1808\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.5\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.5\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.5\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.5\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIPLUS S7-1500 CPU 1518-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.5\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":5.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.2,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":5.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.2,\"impactScore\":3.6}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2023-12-22T05:01:05.519910Z\",\"id\":\"CVE-2023-48795\",\"options\":[{\"exploitation\":\"poc\"},{\"automatable\":\"no\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-354\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-354\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.6\",\"matchCriteriaId\":\"5308FBBB-F738-41C5-97A4-E40118E957CD\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"0.80\",\"matchCriteriaId\":\"A9D807DB-9E20-4792-8A9F-4BFFC841BAB7\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:filezilla-project:filezilla_client:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.66.4\",\"matchCriteriaId\":\"42915485-A4DA-48DD-9C15-415D2D39DC52\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"387021A0-AF36-463C-A605-32EA7DAC172E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:panic:transmit_5:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.10.4\",\"matchCriteriaId\":\"31FFE0AA-FC25-40DE-8EE9-7F4C80ABDE4F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"387021A0-AF36-463C-A605-32EA7DAC172E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:panic:nova:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"11.8\",\"matchCriteriaId\":\"F2FCF7EF-97D7-44CF-AC74-72D856901755\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:roumenpetrov:pkixssh:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"14.4\",\"matchCriteriaId\":\"53CAD263-1C60-43BD-86A2-C8DB15FFB4C6\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:winscp:winscp:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.2.2\",\"matchCriteriaId\":\"8FA57F20-C9C1-40A7-B2CD-F3440CCF1D66\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bitvise:ssh_client:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.33\",\"matchCriteriaId\":\"6209E375-10C7-4E65-A2E7-455A686717AC\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bitvise:ssh_server:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.32\",\"matchCriteriaId\":\"1A05CC3C-19C5-4BAA-ABA2-EE1795E0BE81\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:lancom-systems:lcos:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.66.4\",\"matchCriteriaId\":\"3A71B523-0778-46C6-A38B-64452E0BB6E7\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:lancom-systems:lcos_fx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1C91308-15E5-40AF-B4D5-3CAD7BC65DDF\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:lancom-systems:lcos_lx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"418940E3-6DD1-4AA6-846A-03E059D0C681\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:lancom-systems:lcos_sx:4.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"411BA58A-33B6-44CA-B9D6-7F9042D46961\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:lancom-systems:lcos_sx:5.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA17A153-30E4-4731-8706-8F74FCA50993\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:lancom-systems:lanconfig:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB736F57-9BE3-4457-A10E-FA88D0932154\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vandyke:securecrt:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.4.3\",\"matchCriteriaId\":\"6EB8D02D-87F3-414D-A3EA-43F594DAAC1B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libssh:libssh:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"0.10.6\",\"matchCriteriaId\":\"AAB481DA-FBFE-4CC2-9AE7-22025FA07494\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:net-ssh:net-ssh:7.2.0:*:*:*:*:ruby:*:*\",\"matchCriteriaId\":\"3D6FD459-F8E8-4126-8097-D30B4639404A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ssh2_project:ssh2:*:*:*:*:*:node.js:*:*\",\"versionEndIncluding\":\"1.11.0\",\"matchCriteriaId\":\"69510F52-C699-4E7D-87EF-7000682888F0\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:proftpd:proftpd:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.3.8b\",\"matchCriteriaId\":\"9461430B-3709-45B6-8858-2101F5AE4481\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"12.4\",\"matchCriteriaId\":\"B9A01DF3-E20E-4F29-B5CF-DDF717D01E74\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:crates:thrussh:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"0.35.1\",\"matchCriteriaId\":\"D25EB73D-6145-4B7D-8F14-80FD0B458E99\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tera_term_project:tera_term:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"5.1\",\"matchCriteriaId\":\"77594DEC-B5F7-4911-A13D-FFE91C74BAFA\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oryx-embedded:cyclone_ssh:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.3.4\",\"matchCriteriaId\":\"F8FF7E74-2351-4CD9-B717-FA28893293A1\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:crushftp:crushftp:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"10.6.0\",\"matchCriteriaId\":\"82A93C12-FEB6-4E82-B283-0ED7820D807E\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netsarang:xshell_7:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"build__0144\",\"matchCriteriaId\":\"B480AE79-2FA1-4281-9F0D-0DE812B9354D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:paramiko:paramiko:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.4.0\",\"matchCriteriaId\":\"826B6323-06F8-4B96-8771-3FA15A727B08\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"932D137F-528B-4526-9A89-CD59FA1AB0FE\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack_platform:16.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCC81071-B46D-4F5D-AC25-B4A4CCC20C73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack_platform:16.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B3000D2-35DF-4A93-9FC0-1AD3AB8349B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack_platform:17.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E315FC5C-FF19-43C9-A58A-CF2A5FF13824\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:ceph_storage:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA7EAD12-E398-44AF-9859-F3CA6C63BA6B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4CFF558-3C47-480D-A2F0-BABF26042943\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F6FB57C-2BC7-487C-96DD-132683AEB35D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_serverless:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77675CB7-67D7-44E9-B7FF-D224B3341AA5\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_gitops:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0AAA300-691A-4957-8B69-F6888CC971B1\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_pipelines:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45937289-2D64-47CB-A750-5B4F0D4664A0\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_developer_tools_and_services:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97321212-0E07-4CC2-A917-7B5F61AB9A5A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_data_foundation:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E2C021C-A9F0-4EB4-ADED-81D8B57B4563\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_api_for_data_protection:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BF8EFFB-5686-4F28-A68F-1A8854E098CE\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_virtualization:4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C877879-B84B-471C-80CF-0656521CA8AB\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:storage:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"379A5883-F6DF-41F5-9403-8D17F6605737\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:discovery:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5B1D946-5978-4818-BF21-A43D9C1365E1\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_dev_spaces:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"99B8A88B-0B31-4CFF-AFD7-C9D3DDD5790D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:cert-manager_operator_for_red_hat_openshift:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D5A7736-A403-4617-8790-18E46CB74DA6\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:keycloak:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E0DE4E1-5D8D-40F3-8AC8-C7F736966158\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88BF3B2C-B121-483A-AEF2-8082F6DA5310\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EFEC7CA-8DDA-48A6-A7B6-1F1D14792890\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:advanced_cluster_security:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0FD736A-8730-446A-BA3A-7B608DB62B0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:advanced_cluster_security:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4C504B6-3902-46E2-82B7-48AEC9CDD48D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:crypto:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"0.17.0\",\"matchCriteriaId\":\"F92E56DF-98DF-4328-B37E-4D5744E4103D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:russh_project:russh:*:*:*:*:*:rust:*:*\",\"versionEndExcluding\":\"0.40.2\",\"matchCriteriaId\":\"AC12508E-3C31-44EA-B4F3-29316BE9B189\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sftpgo_project:sftpgo:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.5.6\",\"matchCriteriaId\":\"1750028C-698D-4E84-B727-8A155A46ADEB\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:erlang:erlang\\\\/otp:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"22.3.4.27\",\"matchCriteriaId\":\"B38C0997-A8CC-473C-98CF-641FD21EB411\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:erlang:erlang\\\\/otp:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"23.0\",\"versionEndExcluding\":\"23.3.4.20\",\"matchCriteriaId\":\"5887F3E2-9214-4FAE-8768-441D770E27C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:erlang:erlang\\\\/otp:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"24.0\",\"versionEndExcluding\":\"24.3.4.15\",\"matchCriteriaId\":\"8D7CB988-94C4-45BE-AD9D-9C16899A71DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:erlang:erlang\\\\/otp:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"25.0\",\"versionEndExcluding\":\"25.3.2.8\",\"matchCriteriaId\":\"EB749F4B-99FC-4AE8-BDB3-85B081B52F82\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:erlang:erlang\\\\/otp:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"26.0\",\"versionEndExcluding\":\"26.2.1\",\"matchCriteriaId\":\"2380909A-BA9B-4A76-82F2-D2D0EF242E57\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:matez:jsch:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"0.2.15\",\"matchCriteriaId\":\"61119DB3-4336-4D3B-863A-0CCF4146E5C1\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libssh2:libssh2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.11.1\",\"matchCriteriaId\":\"7BFDD272-3DF0-4E3F-B69A-E7ABF4B18B24\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asyncssh_project:asyncssh:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.14.2\",\"matchCriteriaId\":\"FAE46983-0ABC-49F7-AC18-A78FAC7E73AA\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:dropbear_ssh_project:dropbear_ssh:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2022.83\",\"matchCriteriaId\":\"06BF3368-F232-4E6B-883E-A591EED5C827\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jadaptive:maverick_synergy_java_ssh_api:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.1.0-snapshot\",\"matchCriteriaId\":\"36531FB6-5682-4BF1-9785-E9D6D1C4207B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ssh:ssh:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.9.1.5\",\"matchCriteriaId\":\"A86A51EA-B501-42F8-91E6-4EA97DED767C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ssh:ssh:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.10\",\"versionEndExcluding\":\"4.11.1.7\",\"matchCriteriaId\":\"70989970-E224-4D1C-941E-BBFB2AE7285C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ssh:ssh:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.12\",\"versionEndExcluding\":\"4.13.2.4\",\"matchCriteriaId\":\"E7819CE3-2849-4D15-874B-F6A68EF6D65F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ssh:ssh:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.14\",\"versionEndExcluding\":\"4.15.3.1\",\"matchCriteriaId\":\"F6A4DD8B-06AD-4F13-8F7E-1E2AAF81C119\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ssh:ssh:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.0\",\"versionEndExcluding\":\"5.1.1\",\"matchCriteriaId\":\"D91ED5E1-1D75-4B63-B0A2-B2EB6D4AC685\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:thorntech:sftp_gateway_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.4.6\",\"matchCriteriaId\":\"83B1AF39-C0B9-4031-B19A-BDDD4F337273\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netgate:pfsense_plus:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"23.09.1\",\"matchCriteriaId\":\"2B71B0EF-888E-45E2-A055-F59CDCC1AFC7\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netgate:pfsense_ce:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.7.2\",\"matchCriteriaId\":\"8F23CDF7-2881-4B4E-B84F-4E04F4ED8CCF\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:crushftp:crushftp:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.6.0\",\"matchCriteriaId\":\"C1795F7A-203F-400E-B09C-0FAF16D01CFC\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:connectbot:sshlib:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.2.22\",\"matchCriteriaId\":\"0D79DDDD-02F0-4C12-BE7F-1B9DF1722C7A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:sshd:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.11.0\",\"matchCriteriaId\":\"E2D7B0CA-C01F-4296-9425-48299E3889C5\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:sshj:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"0.37.0\",\"matchCriteriaId\":\"1C3EB0B8-9E76-4146-AB02-02E20B91D55C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tinyssh:tinyssh:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"20230101\",\"matchCriteriaId\":\"0582468A-149B-429F-978A-2AEDF4BE2606\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trilead:ssh2:6401:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E4BAF06-5A79-46D7-8C4F-E670BD6B7C2D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:9bis:kitty:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"0.76.1.13\",\"matchCriteriaId\":\"98321BF9-5E8F-4836-842C-47713B1C2775\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gentoo:security:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"76BDAFDE-4515-42E6-820F-38AF4A786CF2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:debian:debian_linux:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5920923E-0D52-44E5-801D-10B82846ED58\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC559B26-5DFC-4B7A-A27C-B77DE755DFF9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.0\",\"versionEndExcluding\":\"14.4\",\"matchCriteriaId\":\"73160D1F-755B-46D2-969F-DF8E43BB1099\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://seclists.org/fulldisclosure/2024/Mar/21\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/12/18/3\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/12/19/5\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/12/20/3\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Mitigation\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/03/06/3\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/04/17/8\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://access.redhat.com/security/cve/cve-2023-48795\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"https://bugs.gentoo.org/920280\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2254210\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://bugzilla.suse.com/show_bug.cgi?id=1217950\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://crates.io/crates/thrussh/versions\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://filezilla-project.org/versions.php\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://forum.netgate.com/topic/184941/terrapin-ssh-attack\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10\u0026id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/NixOS/nixpkgs/pull/275249\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/PowerShell/Win32-OpenSSH/issues/2189\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/TeraTermProject/teraterm/releases/tag/v5.1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/advisories/GHSA-45x7-px36-x8w8\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/apache/mina-sshd/issues/445\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/cyd01/KiTTY/issues/520\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/drakkan/sftpgo/releases/tag/v2.5.6\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/erlang/otp/releases/tag/OTP-26.2.1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/hierynomus/sshj/issues/916\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/janmojzis/tinyssh/issues/81\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/libssh2/libssh2/pull/1291\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mitigation\"]},{\"url\":\"https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15\",\"source\":\"cve@mitre.org\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/mwiede/jsch/issues/457\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/mwiede/jsch/pull/461\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/openssh/openssh-portable/commits/master\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/paramiko/paramiko/issues/2337\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/proftpd/proftpd/issues/456\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/rapier1/hpn-ssh/releases\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/ronf/asyncssh/tags\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/ssh-mitm/ssh-mitm/issues/165\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/warp-tech/russh/releases/tag/v0.40.2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://gitlab.com/libssh/libssh-mirror/-/tags\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://help.panic.com/releasenotes/transmit5/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://matt.ucc.asn.au/dropbear/CHANGES\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://news.ycombinator.com/item?id=38684904\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://news.ycombinator.com/item?id=38685286\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://news.ycombinator.com/item?id=38732005\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://nova.app/releases/#v11.8\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://oryx-embedded.com/download/#changelog\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://roumenpetrov.info/secsh/#news20231220\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://security-tracker.debian.org/tracker/CVE-2023-48795\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security-tracker.debian.org/tracker/source-package/libssh2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security-tracker.debian.org/tracker/source-package/trilead-ssh2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://security.gentoo.org/glsa/202312-16\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202312-17\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240105-0004/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT214084\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://thorntech.com/cve-2023-48795-and-sftp-gateway/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://twitter.com/TrueSkrillor/status/1736774389725565005\",\"source\":\"cve@mitre.org\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"https://ubuntu.com/security/CVE-2023-48795\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://winscp.net/eng/docs/history#6.2.2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.bitvise.com/ssh-client-version-history#933\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.bitvise.com/ssh-server-version-history\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5586\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5588\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.netsarang.com/en/xshell-update-history/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.openssh.com/openbsd.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.openssh.com/txt/release-9.6\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2023/12/18/2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2023/12/20/3\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Mitigation\"]},{\"url\":\"https://www.paramiko.org/changelog.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"https://www.terrapin-attack.com\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"https://www.theregister.com/2023/12/20/terrapin_attack_ssh\",\"source\":\"cve@mitre.org\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"https://www.vandyke.com/products/securecrt/history.txt\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://seclists.org/fulldisclosure/2024/Mar/21\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/12/18/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/12/19/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/12/20/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Mitigation\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/03/06/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/04/17/8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://access.redhat.com/security/cve/cve-2023-48795\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"https://bugs.gentoo.org/920280\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2254210\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://bugzilla.suse.com/show_bug.cgi?id=1217950\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://crates.io/crates/thrussh/versions\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://filezilla-project.org/versions.php\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://forum.netgate.com/topic/184941/terrapin-ssh-attack\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10\u0026id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/NixOS/nixpkgs/pull/275249\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/PowerShell/Win32-OpenSSH/issues/2189\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/TeraTermProject/teraterm/releases/tag/v5.1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/advisories/GHSA-45x7-px36-x8w8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/apache/mina-sshd/issues/445\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/cyd01/KiTTY/issues/520\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/drakkan/sftpgo/releases/tag/v2.5.6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/erlang/otp/releases/tag/OTP-26.2.1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/hierynomus/sshj/issues/916\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/janmojzis/tinyssh/issues/81\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/libssh2/libssh2/pull/1291\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\"]},{\"url\":\"https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/mwiede/jsch/issues/457\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/mwiede/jsch/pull/461\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/openssh/openssh-portable/commits/master\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/paramiko/paramiko/issues/2337\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/proftpd/proftpd/issues/456\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/rapier1/hpn-ssh/releases\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/ronf/asyncssh/tags\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/ssh-mitm/ssh-mitm/issues/165\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/warp-tech/russh/releases/tag/v0.40.2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://gitlab.com/libssh/libssh-mirror/-/tags\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://help.panic.com/releasenotes/transmit5/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/09/msg00042.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/11/msg00032.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2025/04/msg00028.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://matt.ucc.asn.au/dropbear/CHANGES\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://news.ycombinator.com/item?id=38684904\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://news.ycombinator.com/item?id=38685286\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://news.ycombinator.com/item?id=38732005\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://nova.app/releases/#v11.8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://oryx-embedded.com/download/#changelog\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://roumenpetrov.info/secsh/#news20231220\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://security-tracker.debian.org/tracker/CVE-2023-48795\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security-tracker.debian.org/tracker/source-package/libssh2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security-tracker.debian.org/tracker/source-package/trilead-ssh2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://security.gentoo.org/glsa/202312-16\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202312-17\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240105-0004/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT214084\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://thorntech.com/cve-2023-48795-and-sftp-gateway/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://twitter.com/TrueSkrillor/status/1736774389725565005\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"https://ubuntu.com/security/CVE-2023-48795\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://winscp.net/eng/docs/history#6.2.2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.bitvise.com/ssh-client-version-history#933\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.bitvise.com/ssh-server-version-history\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5586\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5588\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.netsarang.com/en/xshell-update-history/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.openssh.com/openbsd.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.openssh.com/txt/release-9.6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2023/12/18/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2023/12/20/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Mitigation\"]},{\"url\":\"https://www.paramiko.org/changelog.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"https://www.terrapin-attack.com\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"https://www.theregister.com/2023/12/20/terrapin_attack_ssh\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"https://www.vandyke.com/products/securecrt/history.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.vicarius.io/vsociety/posts/cve-2023-48795-detect-openssh-vulnerabilit\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.vicarius.io/vsociety/posts/cve-2023-48795-mitigate-openssh-vulnerability\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-082556.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\"},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-364175.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\"},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-769027.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\"},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-794697.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\"},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-915275.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.vicarius.io/vsociety/posts/cve-2023-48795-detect-openssh-vulnerabilit\"}, {\"url\": \"https://www.vicarius.io/vsociety/posts/cve-2023-48795-mitigate-openssh-vulnerability\"}, {\"url\": \"https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://matt.ucc.asn.au/dropbear/CHANGES\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.netsarang.com/en/xshell-update-history/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.paramiko.org/changelog.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.openssh.com/openbsd.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/openssh/openssh-portable/commits/master\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.bitvise.com/ssh-server-version-history\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/ronf/asyncssh/tags\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://gitlab.com/libssh/libssh-mirror/-/tags\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.openssh.com/txt/release-9.6\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.terrapin-attack.com\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://thorntech.com/cve-2023-48795-and-sftp-gateway/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/warp-tech/russh/releases/tag/v0.40.2\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.openwall.com/lists/oss-security/2023/12/18/2\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://twitter.com/TrueSkrillor/status/1736774389725565005\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/paramiko/paramiko/issues/2337\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://news.ycombinator.com/item?id=38684904\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://news.ycombinator.com/item?id=38685286\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/12/18/3\", \"name\": \"[oss-security] 20231218 CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://github.com/mwiede/jsch/issues/457\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10\u0026id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/erlang/otp/releases/tag/OTP-26.2.1\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/advisories/GHSA-45x7-px36-x8w8\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security-tracker.debian.org/tracker/source-package/libssh2\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security-tracker.debian.org/tracker/CVE-2023-48795\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://bugzilla.suse.com/show_bug.cgi?id=1217950\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2254210\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://bugs.gentoo.org/920280\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://ubuntu.com/security/CVE-2023-48795\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://access.redhat.com/security/cve/cve-2023-48795\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/mwiede/jsch/pull/461\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/drakkan/sftpgo/releases/tag/v2.5.6\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/libssh2/libssh2/pull/1291\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://forum.netgate.com/topic/184941/terrapin-ssh-attack\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/rapier1/hpn-ssh/releases\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/proftpd/proftpd/issues/456\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/TeraTermProject/teraterm/releases/tag/v5.1\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://oryx-embedded.com/download/#changelog\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://crates.io/crates/thrussh/versions\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/NixOS/nixpkgs/pull/275249\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/12/19/5\", \"name\": \"[oss-security] 20231219 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/12/20/3\", \"name\": \"[oss-security] 20231220 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/apache/mina-sshd/issues/445\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/hierynomus/sshj/issues/916\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/janmojzis/tinyssh/issues/81\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.openwall.com/lists/oss-security/2023/12/20/3\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security-tracker.debian.org/tracker/source-package/trilead-ssh2\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/\", \"name\": \"FEDORA-2023-0733306be9\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5586\", \"name\": \"DSA-5586\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.theregister.com/2023/12/20/terrapin_attack_ssh\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://filezilla-project.org/versions.php\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://nova.app/releases/#v11.8\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://roumenpetrov.info/secsh/#news20231220\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.vandyke.com/products/securecrt/history.txt\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://help.panic.com/releasenotes/transmit5/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/PowerShell/Win32-OpenSSH/issues/2189\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://winscp.net/eng/docs/history#6.2.2\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.bitvise.com/ssh-client-version-history#933\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/cyd01/KiTTY/issues/520\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5588\", \"name\": \"DSA-5588\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://github.com/ssh-mitm/ssh-mitm/issues/165\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://news.ycombinator.com/item?id=38732005\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html\", \"name\": \"[debian-lts-announce] 20231226 [SECURITY] [DLA 3694-1] openssh security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/202312-16\", \"name\": \"GLSA-202312-16\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/202312-17\", \"name\": \"GLSA-202312-17\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/\", \"name\": \"FEDORA-2023-20feb865d8\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/\", \"name\": \"FEDORA-2023-cb8c606fbb\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/\", \"name\": \"FEDORA-2023-e77300e4b5\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/\", \"name\": \"FEDORA-2023-b87ec6cf47\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/\", \"name\": \"FEDORA-2023-153404713b\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240105-0004/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/\", \"name\": \"FEDORA-2024-3bb23c77f3\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/\", \"name\": \"FEDORA-2023-55800423a8\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/\", \"name\": \"FEDORA-2024-d946b9ad25\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/\", \"name\": \"FEDORA-2024-71c2c6526c\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/\", \"name\": \"FEDORA-2024-39a8c72ea9\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/\", \"name\": \"FEDORA-2024-ae653fb07b\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/\", \"name\": \"FEDORA-2024-2705241461\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/\", \"name\": \"FEDORA-2024-fb32950d11\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/\", \"name\": \"FEDORA-2024-7b08207cdb\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/\", \"name\": \"FEDORA-2024-06ebb70bdd\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html\", \"name\": \"[debian-lts-announce] 20240125 [SECURITY] [DLA 3718-1] php-phpseclib security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html\", \"name\": \"[debian-lts-announce] 20240125 [SECURITY] [DLA 3719-1] phpseclib security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/\", \"name\": \"FEDORA-2024-a53b24023d\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/\", \"name\": \"FEDORA-2024-3fd1bc9276\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://support.apple.com/kb/HT214084\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2024/Mar/21\", \"name\": \"20240313 APPLE-SA-03-07-2024-2 macOS Sonoma 14.4\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html\", \"name\": \"[debian-lts-announce] 20240425 [SECURITY] [DLA 3794-1] putty security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/04/17/8\", \"name\": \"[oss-security] 20240417 Terrapin vulnerability in Jenkins CLI client\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/03/06/3\", \"name\": \"[oss-security] 20240306 Multiple vulnerabilities in Jenkins plugins\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2025/04/msg00028.html\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/11/msg00032.html\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/09/msg00042.html\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-04T22:05:21.417Z\"}}, {\"affected\": [{\"vendor\": \"Siemens\", \"product\": \"RUGGEDCOM APE1808\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIPLUS S7-1500 CPU 1518-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"x_adpType\": \"supplier\", \"references\": [{\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-794697.html\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-364175.html\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-915275.html\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-769027.html\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-082556.html\"}], \"providerMetadata\": {\"orgId\": \"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\", \"shortName\": \"siemens-SADP\", \"dateUpdated\": \"2026-05-12T11:02:25.905Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.9, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-48795\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2023-12-22T05:01:05.519910Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-354\", \"description\": \"CWE-354 Improper Validation of Integrity Check Value\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-08-27T20:45:13.765Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"references\": [{\"url\": \"https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html\"}, {\"url\": \"https://matt.ucc.asn.au/dropbear/CHANGES\"}, {\"url\": \"https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES\"}, {\"url\": \"https://www.netsarang.com/en/xshell-update-history/\"}, {\"url\": \"https://www.paramiko.org/changelog.html\"}, {\"url\": \"https://www.openssh.com/openbsd.html\"}, {\"url\": \"https://github.com/openssh/openssh-portable/commits/master\"}, {\"url\": \"https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ\"}, {\"url\": \"https://www.bitvise.com/ssh-server-version-history\"}, {\"url\": \"https://github.com/ronf/asyncssh/tags\"}, {\"url\": \"https://gitlab.com/libssh/libssh-mirror/-/tags\"}, {\"url\": \"https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/\"}, {\"url\": \"https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42\"}, {\"url\": \"https://www.openssh.com/txt/release-9.6\"}, {\"url\": \"https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/\"}, {\"url\": \"https://www.terrapin-attack.com\"}, {\"url\": \"https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25\"}, {\"url\": \"https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst\"}, {\"url\": \"https://thorntech.com/cve-2023-48795-and-sftp-gateway/\"}, {\"url\": \"https://github.com/warp-tech/russh/releases/tag/v0.40.2\"}, {\"url\": \"https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0\"}, {\"url\": \"https://www.openwall.com/lists/oss-security/2023/12/18/2\"}, {\"url\": \"https://twitter.com/TrueSkrillor/status/1736774389725565005\"}, {\"url\": \"https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d\"}, {\"url\": \"https://github.com/paramiko/paramiko/issues/2337\"}, {\"url\": \"https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg\"}, {\"url\": \"https://news.ycombinator.com/item?id=38684904\"}, {\"url\": \"https://news.ycombinator.com/item?id=38685286\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/12/18/3\", \"name\": \"[oss-security] 20231218 CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://github.com/mwiede/jsch/issues/457\"}, {\"url\": \"https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10\u0026id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6\"}, {\"url\": \"https://github.com/erlang/otp/releases/tag/OTP-26.2.1\"}, {\"url\": \"https://github.com/advisories/GHSA-45x7-px36-x8w8\"}, {\"url\": \"https://security-tracker.debian.org/tracker/source-package/libssh2\"}, {\"url\": \"https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg\"}, {\"url\": \"https://security-tracker.debian.org/tracker/CVE-2023-48795\"}, {\"url\": \"https://bugzilla.suse.com/show_bug.cgi?id=1217950\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2254210\"}, {\"url\": \"https://bugs.gentoo.org/920280\"}, {\"url\": \"https://ubuntu.com/security/CVE-2023-48795\"}, {\"url\": \"https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/\"}, {\"url\": \"https://access.redhat.com/security/cve/cve-2023-48795\"}, {\"url\": \"https://github.com/mwiede/jsch/pull/461\"}, {\"url\": \"https://github.com/drakkan/sftpgo/releases/tag/v2.5.6\"}, {\"url\": \"https://github.com/libssh2/libssh2/pull/1291\"}, {\"url\": \"https://forum.netgate.com/topic/184941/terrapin-ssh-attack\"}, {\"url\": \"https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5\"}, {\"url\": \"https://github.com/rapier1/hpn-ssh/releases\"}, {\"url\": \"https://github.com/proftpd/proftpd/issues/456\"}, {\"url\": \"https://github.com/TeraTermProject/teraterm/releases/tag/v5.1\"}, {\"url\": \"https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15\"}, {\"url\": \"https://oryx-embedded.com/download/#changelog\"}, {\"url\": \"https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update\"}, {\"url\": \"https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22\"}, {\"url\": \"https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab\"}, {\"url\": \"https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3\"}, {\"url\": \"https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC\"}, {\"url\": \"https://crates.io/crates/thrussh/versions\"}, {\"url\": \"https://github.com/NixOS/nixpkgs/pull/275249\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/12/19/5\", \"name\": \"[oss-security] 20231219 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc\"}, {\"url\": \"https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/12/20/3\", \"name\": \"[oss-security] 20231220 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html\"}, {\"url\": \"https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES\"}, {\"url\": \"https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES\"}, {\"url\": \"https://github.com/apache/mina-sshd/issues/445\"}, {\"url\": \"https://github.com/hierynomus/sshj/issues/916\"}, {\"url\": \"https://github.com/janmojzis/tinyssh/issues/81\"}, {\"url\": \"https://www.openwall.com/lists/oss-security/2023/12/20/3\"}, {\"url\": \"https://security-tracker.debian.org/tracker/source-package/trilead-ssh2\"}, {\"url\": \"https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/\", \"name\": \"FEDORA-2023-0733306be9\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5586\", \"name\": \"DSA-5586\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508\"}, {\"url\": \"https://www.theregister.com/2023/12/20/terrapin_attack_ssh\"}, {\"url\": \"https://filezilla-project.org/versions.php\"}, {\"url\": \"https://nova.app/releases/#v11.8\"}, {\"url\": \"https://roumenpetrov.info/secsh/#news20231220\"}, {\"url\": \"https://www.vandyke.com/products/securecrt/history.txt\"}, {\"url\": \"https://help.panic.com/releasenotes/transmit5/\"}, {\"url\": \"https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta\"}, {\"url\": \"https://github.com/PowerShell/Win32-OpenSSH/issues/2189\"}, {\"url\": \"https://winscp.net/eng/docs/history#6.2.2\"}, {\"url\": \"https://www.bitvise.com/ssh-client-version-history#933\"}, {\"url\": \"https://github.com/cyd01/KiTTY/issues/520\"}, {\"url\": \"https://www.debian.org/security/2023/dsa-5588\", \"name\": \"DSA-5588\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://github.com/ssh-mitm/ssh-mitm/issues/165\"}, {\"url\": \"https://news.ycombinator.com/item?id=38732005\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html\", \"name\": \"[debian-lts-announce] 20231226 [SECURITY] [DLA 3694-1] openssh security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://security.gentoo.org/glsa/202312-16\", \"name\": \"GLSA-202312-16\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/202312-17\", \"name\": \"GLSA-202312-17\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/\", \"name\": \"FEDORA-2023-20feb865d8\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/\", \"name\": \"FEDORA-2023-cb8c606fbb\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/\", \"name\": \"FEDORA-2023-e77300e4b5\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/\", \"name\": \"FEDORA-2023-b87ec6cf47\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/\", \"name\": \"FEDORA-2023-153404713b\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240105-0004/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/\", \"name\": \"FEDORA-2024-3bb23c77f3\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/\", \"name\": \"FEDORA-2023-55800423a8\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/\", \"name\": \"FEDORA-2024-d946b9ad25\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/\", \"name\": \"FEDORA-2024-71c2c6526c\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/\", \"name\": \"FEDORA-2024-39a8c72ea9\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/\", \"name\": \"FEDORA-2024-ae653fb07b\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/\", \"name\": \"FEDORA-2024-2705241461\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/\", \"name\": \"FEDORA-2024-fb32950d11\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/\", \"name\": \"FEDORA-2024-7b08207cdb\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/\", \"name\": \"FEDORA-2024-06ebb70bdd\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html\", \"name\": \"[debian-lts-announce] 20240125 [SECURITY] [DLA 3718-1] php-phpseclib security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html\", \"name\": \"[debian-lts-announce] 20240125 [SECURITY] [DLA 3719-1] phpseclib security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/\", \"name\": \"FEDORA-2024-a53b24023d\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/\", \"name\": \"FEDORA-2024-3fd1bc9276\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://support.apple.com/kb/HT214084\"}, {\"url\": \"http://seclists.org/fulldisclosure/2024/Mar/21\", \"name\": \"20240313 APPLE-SA-03-07-2024-2 macOS Sonoma 14.4\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html\", \"name\": \"[debian-lts-announce] 20240425 [SECURITY] [DLA 3794-1] putty security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/04/17/8\", \"name\": \"[oss-security] 20240417 Terrapin vulnerability in Jenkins CLI client\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/03/06/3\", \"name\": \"[oss-security] 20240306 Multiple vulnerabilities in Jenkins plugins\", \"tags\": [\"mailing-list\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH\u0027s use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2024-05-01T18:06:23.972Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-48795\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-05-12T11:02:25.905Z\", \"dateReserved\": \"2023-11-20T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2023-12-18T00:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
RHSA-2024_1383
Vulnerability from csaf_redhat - Published: 2024-03-19 15:19 - Updated: 2024-12-17 22:35Summary
Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.15.0 security, enhancement, & bug fix update
Severity
Important
Notes
Topic: Updated packages that include numerous enhancements and bug fixes are now available for Red Hat OpenShift Data Foundation 4.15.0 on Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multicloud data management service with an S3 compatible API.
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
These updated packages include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:
https://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.15/html/4.15_release_notes/index
All Red Hat OpenShift Data Foundation users are advised to upgrade to these packages that provide these bug fixes and enhancements.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501, potentially gaining root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
6.3 (Medium)
Affected products
Fixed
89 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use this flaw to exchange the original file with a symbolic link to a security-critical file and escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
6.5 (Medium)
Affected products
Fixed
89 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
It was found that the fix for CVE-2017-7500 and CVE-2017-7501 was incomplete: the check was only implemented for the parent directory of the file to be created. A local unprivileged user who owns another ancestor directory could potentially use this flaw to gain root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
6.5 (Medium)
Affected products
Fixed
89 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the HashiCorp Vault. The Vault and Vault Enterprise (“Vault”) LDAP auth method allows unauthenticated users to potentially enumerate valid accounts in the configured LDAP system by observing the response error when querying usernames.
5.3 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64 | — |
Vendor Fix
fix
|
Known not affected
85 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64 | — |
Threats
Impact
Moderate
A flaw was found in OpenSSL in how it processes key and initialization vector (IV) lengths. This issue can lead to potential truncation or overruns during the initialization of some symmetric ciphers. A truncation in the IV can result in non-uniqueness, which could result in loss of confidentiality for some cipher modes. Both truncations and overruns of the key and the IV will produce incorrect results and could, in some cases, trigger a memory exception.
7.5 (High)
Affected products
Fixed
89 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in The HashiCorp Vault, which may be susceptible to a denial of service due to an unbounded consumption of memory when handling policy requests. This issue may allow an attacker to trigger policy checks by sending multiple inbound client requests that create a logger that is never removed from memory, leading to excessive memory consumption, causing a denial of service condition.
5.9 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x | — |
Vendor Fix
fix
|
Known not affected
85 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64 | — |
Threats
Impact
Moderate
A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding.
5.9 (Medium)
Affected products
Fixed
89 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A vulnerability was found in SQLite3. This issue affects the sessionReadRecord function of the ext/session/sqlite3session.c function in the make alltest Handler component. Manipulation may cause a heap-based buffer overflow to occur.
7.3 (High)
Affected products
Fixed
89 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the crypto/internal/nistec golang library. The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars, such as a scalar larger than the order of the curve. This does not impact usages of crypto/ecdsa or crypto/ecdh.
5.3 (Medium)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le | — |
Vendor Fix
fix
|
Known not affected
86 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64 | — |
Threats
Impact
Moderate
An Improper Input Validation flaw was found in follow-redirects due to the improper handling of URLs by the url.parse() function. When a new URL() throws an error, it can be manipulated to misinterpret the hostname. This issue could allow an attacker to redirect traffic to a malicious site, potentially leading to information disclosure, phishing attacks, or other security breaches.
6.1 (Medium)
Affected products
Fixed
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
83 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64 | — |
Workaround
|
Threats
Impact
Moderate
The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python.
5.3 (Medium)
Affected products
Fixed
89 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the sudo package, shipped with Red Hat Enterprise Linux 8 and 9, where sudo improperly escapes terminal control characters during logging operations. As sudo's log messages may contain user-controlled strings, this may allow an attacker to inject terminal control commands, leading to a leak of restricted information.
5.3 (Medium)
Affected products
Fixed
89 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the sudo package, shipped with Red Hat Enterprise Linux 8 and 9, where the "sudoreplay -l' command improperly escapes terminal control characters. As sudo's log messages may contain user-controlled strings, this could allow an attacker to inject terminal control commands, leading to a leak of restricted information.
5.3 (Medium)
Affected products
Fixed
89 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Golang, where it is vulnerable to HTTP header injection caused by improper content validation of the Host header by the HTTP/1 client. A remote attacker can inject arbitrary HTTP headers by persuading a victim to visit a specially crafted Web page. This flaw allows the attacker to conduct various attacks against the vulnerable system, including Cross-site scripting, cache poisoning, or session hijacking.
6.5 (Medium)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le | — |
Vendor Fix
fix
|
Known not affected
86 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64 | — |
Threats
Impact
Moderate
A denial of service vulnerability was found in the Golang Go package caused by an uncontrolled resource consumption flaw. By persuading a victim to use a specially crafted certificate with large RSA keys, a remote attacker can cause a client/server to expend significant CPU time verifying signatures, resulting in a denial of service condition.
5.3 (Medium)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le | — |
Vendor Fix
fix
|
Known not affected
86 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64 | — |
Threats
Impact
Moderate
A flaw was found in Golang. The html/template package did not properly handle HMTL-like "<!--" and "-->" comment tokens, nor hashbang "#!" comment tokens, in <script> contexts. This issue may cause the template parser to improperly interpret the contents of <script> contexts, causing actions to be improperly escaped.
6.1 (Medium)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le | — |
Vendor Fix
fix
|
Known not affected
86 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64 | — |
Threats
Impact
Moderate
A flaw was found in Golang. The html/template package did not apply the proper rules for handling occurrences of "<script", "<!--", and "</script" within JS literals in <script> contexts. This issue may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped.
6.1 (Medium)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le | — |
Vendor Fix
fix
|
Known not affected
86 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64 | — |
Threats
Impact
Moderate
A flaw was found in Golang. Processing an incomplete post-handshake message for a QUIC connection caused a panic.
7.5 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le | — |
Vendor Fix
fix
|
Known not affected
86 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64 | — |
Threats
Impact
Moderate
A flaw was found in Golang. QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With the fix, connections now consistently reject messages larger than 65KiB in size.
7.5 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le | — |
Vendor Fix
fix
|
Known not affected
86 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64 | — |
Threats
Impact
Moderate
A flaw was found in Libxml2, where it contains a global buffer overflow via the xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a denial of service (DoS) by supplying a crafted XML file.
6.5 (Medium)
Affected products
Fixed
89 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A vulnerability was found in the NPM IP Package. This flaw allows an attacker to perform arbitrary code execution and obtain sensitive information via the isPublic() function by inducing a Server-Side Request Forgery (SSRF) attack and obtaining access to normally inaccessible resources.
9.8 (Critical)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
85 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the sudo package. This issue could allow a local authenticated attacker to cause a bit to flip, which enables fault injection and may authenticate as the root user.
7.0 (High)
Affected products
Fixed
89 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A vulnerability was found in the get-func-name package in the chai module. Affected versions of this package are vulnerable to Regular expression denial of service (ReDoS) attacks, affecting system availability.
7.5 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le | — |
Vendor Fix
fix
|
Known not affected
86 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64 | — |
Threats
Impact
Moderate
A flaw was found in urllib3, a user-friendly HTTP client library for Python. urllib3 doesn't treat the `Cookie` HTTP header special or provide any helpers for managing cookies over HTTP, which is the responsibility of the user. However, it is possible for a user to specify a `Cookie` header and unknowingly leak information via HTTP redirects to a different origin if that user doesn't disable redirects explicitly.
5.9 (Medium)
Affected products
Fixed
89 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in urllib3, an HTTP client library for Python. urllib3 doesn't remove the HTTP request body when an HTTP redirect response using status 301, 302, or 303, after changing the method in a request from one that could accept a request body such as `POST` to `GET`, as is required by HTTP RFCs. This issue requires a previously trusted service to become compromised in order to have an impact on confidentiality, therefore, the exploitability of this vulnerability is low. Additionally, many users aren't putting sensitive data in HTTP request bodies; if this is the case, this vulnerability isn't exploitable.
4.2 (Medium)
Affected products
Fixed
89 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in curl that verifies a given cookie domain against the Public Suffix List. This issue could allow a malicious HTTP server to set "super cookies" in curl that are passed back to more origins than what is otherwise allowed or possible.
5.3 (Medium)
Affected products
Fixed
89 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A Regular Expression Denial of Service (ReDoS) vulnerability was found in Adobe's css-tools when parsing CSS. This issue occurs due to improper input validation and may allow an attacker to use a carefully crafted input string to cause a denial of service, especially when attempting to parse CSS.
7.5 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
86 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.
5.9 (Medium)
Affected products
Fixed
89 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in OpenSSH. In certain circumstances, a remote attacker may be able to execute arbitrary OS commands by using expansion tokens, such as %u or %h, with user names or host names that contain shell metacharacters.
6.5 (Medium)
Affected products
Fixed
89 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS#1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack in the RSA-PSK key exchange, potentially leading to the leakage of sensitive data. CVE-2024-0553 is designated as an incomplete resolution for CVE-2023-5981.
7.5 (High)
Affected products
Fixed
89 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certificate-ensure. This flaw allows an unauthenticated, remote client or attacker to initiate a denial of service attack.
7.5 (High)
Affected products
Fixed
89 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
326 references
Acknowledgments
Cybernetics
Tony Battersby
Red Hat
Daiki Ueno
GMO Cybersecurity by Ierae, Inc.
Takeshi Kaneko
Martin Seemann
Marten Seemann
reported
Harry Sintonen
patched
Daniel Stenberg
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated packages that include numerous enhancements and bug fixes are now available for Red Hat OpenShift Data Foundation 4.15.0 on Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multicloud data management service with an S3 compatible API.\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nThese updated packages include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.15/html/4.15_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these packages that provide these bug fixes and enhancements.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:1383",
"url": "https://access.redhat.com/errata/RHSA-2024:1383"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.15/html/4.15_release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.15/html/4.15_release_notes/index"
},
{
"category": "external",
"summary": "2005835",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005835"
},
{
"category": "external",
"summary": "2022467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2022467"
},
{
"category": "external",
"summary": "2126028",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126028"
},
{
"category": "external",
"summary": "2130266",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2130266"
},
{
"category": "external",
"summary": "2151493",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151493"
},
{
"category": "external",
"summary": "2165128",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165128"
},
{
"category": "external",
"summary": "2165907",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165907"
},
{
"category": "external",
"summary": "2196858",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196858"
},
{
"category": "external",
"summary": "2207925",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2207925"
},
{
"category": "external",
"summary": "2208302",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2208302"
},
{
"category": "external",
"summary": "2209616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2209616"
},
{
"category": "external",
"summary": "2210970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2210970"
},
{
"category": "external",
"summary": "2213885",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2213885"
},
{
"category": "external",
"summary": "2222254",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222254"
},
{
"category": "external",
"summary": "2228785",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228785"
},
{
"category": "external",
"summary": "2229670",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2229670"
},
{
"category": "external",
"summary": "2231076",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2231076"
},
{
"category": "external",
"summary": "2231860",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2231860"
},
{
"category": "external",
"summary": "2233010",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2233010"
},
{
"category": "external",
"summary": "2234479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234479"
},
{
"category": "external",
"summary": "2236384",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236384"
},
{
"category": "external",
"summary": "2236400",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236400"
},
{
"category": "external",
"summary": "2237427",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237427"
},
{
"category": "external",
"summary": "2237895",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237895"
},
{
"category": "external",
"summary": "2237903",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237903"
},
{
"category": "external",
"summary": "2237920",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237920"
},
{
"category": "external",
"summary": "2239208",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239208"
},
{
"category": "external",
"summary": "2239590",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239590"
},
{
"category": "external",
"summary": "2239608",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239608"
},
{
"category": "external",
"summary": "2240756",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2240756"
},
{
"category": "external",
"summary": "2240908",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2240908"
},
{
"category": "external",
"summary": "2241268",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241268"
},
{
"category": "external",
"summary": "2241872",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241872"
},
{
"category": "external",
"summary": "2242309",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242309"
},
{
"category": "external",
"summary": "2244568",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2244568"
},
{
"category": "external",
"summary": "2244569",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2244569"
},
{
"category": "external",
"summary": "2244570",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2244570"
},
{
"category": "external",
"summary": "2245004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2245004"
},
{
"category": "external",
"summary": "2246084",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2246084"
},
{
"category": "external",
"summary": "2246993",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2246993"
},
{
"category": "external",
"summary": "2247094",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247094"
},
{
"category": "external",
"summary": "2247313",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247313"
},
{
"category": "external",
"summary": "2247518",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247518"
},
{
"category": "external",
"summary": "2247542",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247542"
},
{
"category": "external",
"summary": "2247714",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247714"
},
{
"category": "external",
"summary": "2247731",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247731"
},
{
"category": "external",
"summary": "2247743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247743"
},
{
"category": "external",
"summary": "2247748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247748"
},
{
"category": "external",
"summary": "2248117",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248117"
},
{
"category": "external",
"summary": "2248664",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248664"
},
{
"category": "external",
"summary": "2248666",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248666"
},
{
"category": "external",
"summary": "2248684",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248684"
},
{
"category": "external",
"summary": "2248832",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248832"
},
{
"category": "external",
"summary": "2249678",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2249678"
},
{
"category": "external",
"summary": "2249844",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2249844"
},
{
"category": "external",
"summary": "2250092",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250092"
},
{
"category": "external",
"summary": "2250152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250152"
},
{
"category": "external",
"summary": "2250636",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250636"
},
{
"category": "external",
"summary": "2250911",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250911"
},
{
"category": "external",
"summary": "2250995",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250995"
},
{
"category": "external",
"summary": "2251741",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251741"
},
{
"category": "external",
"summary": "2252035",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252035"
},
{
"category": "external",
"summary": "2252756",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252756"
},
{
"category": "external",
"summary": "2253185",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253185"
},
{
"category": "external",
"summary": "2253257",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253257"
},
{
"category": "external",
"summary": "2253953",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253953"
},
{
"category": "external",
"summary": "2254159",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254159"
},
{
"category": "external",
"summary": "2254216",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254216"
},
{
"category": "external",
"summary": "2254330",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254330"
},
{
"category": "external",
"summary": "2254333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254333"
},
{
"category": "external",
"summary": "2254513",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254513"
},
{
"category": "external",
"summary": "2255036",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255036"
},
{
"category": "external",
"summary": "2255194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255194"
},
{
"category": "external",
"summary": "2255219",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255219"
},
{
"category": "external",
"summary": "2255232",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255232"
},
{
"category": "external",
"summary": "2255240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255240"
},
{
"category": "external",
"summary": "2255241",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255241"
},
{
"category": "external",
"summary": "2255310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255310"
},
{
"category": "external",
"summary": "2255320",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255320"
},
{
"category": "external",
"summary": "2255328",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255328"
},
{
"category": "external",
"summary": "2255332",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255332"
},
{
"category": "external",
"summary": "2255333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255333"
},
{
"category": "external",
"summary": "2255340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255340"
},
{
"category": "external",
"summary": "2255343",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255343"
},
{
"category": "external",
"summary": "2255411",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255411"
},
{
"category": "external",
"summary": "2255491",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255491"
},
{
"category": "external",
"summary": "2255499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255499"
},
{
"category": "external",
"summary": "2255501",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255501"
},
{
"category": "external",
"summary": "2255508",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255508"
},
{
"category": "external",
"summary": "2255557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255557"
},
{
"category": "external",
"summary": "2255586",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255586"
},
{
"category": "external",
"summary": "2255890",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255890"
},
{
"category": "external",
"summary": "2256085",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256085"
},
{
"category": "external",
"summary": "2256161",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256161"
},
{
"category": "external",
"summary": "2256456",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256456"
},
{
"category": "external",
"summary": "2256566",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256566"
},
{
"category": "external",
"summary": "2256580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256580"
},
{
"category": "external",
"summary": "2256597",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256597"
},
{
"category": "external",
"summary": "2256633",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256633"
},
{
"category": "external",
"summary": "2256637",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256637"
},
{
"category": "external",
"summary": "2256725",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256725"
},
{
"category": "external",
"summary": "2256777",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256777"
},
{
"category": "external",
"summary": "2257222",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257222"
},
{
"category": "external",
"summary": "2257296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257296"
},
{
"category": "external",
"summary": "2257310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257310"
},
{
"category": "external",
"summary": "2257427",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257427"
},
{
"category": "external",
"summary": "2257441",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257441"
},
{
"category": "external",
"summary": "2257634",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257634"
},
{
"category": "external",
"summary": "2257674",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257674"
},
{
"category": "external",
"summary": "2257694",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257694"
},
{
"category": "external",
"summary": "2257711",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257711"
},
{
"category": "external",
"summary": "2257982",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257982"
},
{
"category": "external",
"summary": "2258015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258015"
},
{
"category": "external",
"summary": "2258021",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258021"
},
{
"category": "external",
"summary": "2258351",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258351"
},
{
"category": "external",
"summary": "2258357",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258357"
},
{
"category": "external",
"summary": "2258560",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258560"
},
{
"category": "external",
"summary": "2258591",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258591"
},
{
"category": "external",
"summary": "2258681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258681"
},
{
"category": "external",
"summary": "2258744",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258744"
},
{
"category": "external",
"summary": "2258814",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258814"
},
{
"category": "external",
"summary": "2258937",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258937"
},
{
"category": "external",
"summary": "2258974",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258974"
},
{
"category": "external",
"summary": "2259187",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259187"
},
{
"category": "external",
"summary": "2259476",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259476"
},
{
"category": "external",
"summary": "2259632",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259632"
},
{
"category": "external",
"summary": "2259664",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259664"
},
{
"category": "external",
"summary": "2259773",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259773"
},
{
"category": "external",
"summary": "2259852",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259852"
},
{
"category": "external",
"summary": "2260050",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260050"
},
{
"category": "external",
"summary": "2260131",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260131"
},
{
"category": "external",
"summary": "2260279",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260279"
},
{
"category": "external",
"summary": "2260340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260340"
},
{
"category": "external",
"summary": "2260818",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260818"
},
{
"category": "external",
"summary": "2261936",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2261936"
},
{
"category": "external",
"summary": "2262052",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262052"
},
{
"category": "external",
"summary": "2262252",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262252"
},
{
"category": "external",
"summary": "2262376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262376"
},
{
"category": "external",
"summary": "2262974",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262974"
},
{
"category": "external",
"summary": "2263319",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263319"
},
{
"category": "external",
"summary": "2263472",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263472"
},
{
"category": "external",
"summary": "2263984",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263984"
},
{
"category": "external",
"summary": "2264002",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264002"
},
{
"category": "external",
"summary": "2264825",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264825"
},
{
"category": "external",
"summary": "2265051",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265051"
},
{
"category": "external",
"summary": "2265109",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265109"
},
{
"category": "external",
"summary": "2265124",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265124"
},
{
"category": "external",
"summary": "2265514",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265514"
},
{
"category": "external",
"summary": "2266564",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266564"
},
{
"category": "external",
"summary": "2266583",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266583"
},
{
"category": "external",
"summary": "2267209",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267209"
},
{
"category": "external",
"summary": "2267712",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267712"
},
{
"category": "external",
"summary": "2267857",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267857"
},
{
"category": "external",
"summary": "2267885",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267885"
},
{
"category": "external",
"summary": "2268407",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268407"
},
{
"category": "external",
"summary": "2268959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268959"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1383.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.15.0 security, enhancement, \u0026 bug fix update",
"tracking": {
"current_release_date": "2024-12-17T22:35:50+00:00",
"generator": {
"date": "2024-12-17T22:35:50+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2024:1383",
"initial_release_date": "2024-03-19T15:19:34+00:00",
"revision_history": [
{
"date": "2024-03-19T15:19:34+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-03-19T15:19:34+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T22:35:50+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHODF 4.15 for RHEL 9",
"product": {
"name": "RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_data_foundation:4.15::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Data Foundation"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"product": {
"name": "odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"product_id": "odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2?arch=s390x\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9\u0026tag=v4.15.0-37"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"product_id": "odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.15.0-68"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"product": {
"name": "odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"product_id": "odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.15.0-158"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"product_id": "odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.15.0-39"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"product": {
"name": "odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"product_id": "odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9\u0026tag=v4.15.0-58"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"product": {
"name": "odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"product_id": "odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.15.0-158"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.15.0-13"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"product": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"product_id": "odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9\u0026tag=v4.15.0-81"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"product": {
"name": "odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"product_id": "odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.15.0-158"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"product_id": "odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.15.0-79"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"product": {
"name": "odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"product_id": "odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-cli-rhel9\u0026tag=v4.15.0-22"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"product": {
"name": "odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"product_id": "odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel9\u0026tag=v4.15.0-57"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"product": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"product_id": "odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9\u0026tag=v4.15.0-6"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"product": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"product_id": "odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.15.0-158"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.15.0-15"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.15.0-15"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"product": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"product_id": "odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9\u0026tag=v4.15.0-54"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"product": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"product_id": "odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.15.0-158"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.15.0-10"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"product_id": "odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.15.0-26"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"product": {
"name": "odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"product_id": "odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.15.0-158"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"product_id": "odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.15.0-19"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"product": {
"name": "odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"product_id": "odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.15.0-158"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"product": {
"name": "odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"product_id": "odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.15.0-158"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"product_id": "odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.15.0-21"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"product": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"product_id": "odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0?arch=s390x\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator\u0026tag=v4.15.0-103"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"product": {
"name": "odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"product_id": "odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14?arch=amd64\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9\u0026tag=v4.15.0-37"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"product_id": "odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.15.0-68"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"product": {
"name": "odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"product_id": "odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.15.0-158"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"product_id": "odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.15.0-39"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"product": {
"name": "odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"product_id": "odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9\u0026tag=v4.15.0-58"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"product": {
"name": "odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"product_id": "odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.15.0-158"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.15.0-13"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"product": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"product_id": "odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9\u0026tag=v4.15.0-81"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"product": {
"name": "odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"product_id": "odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.15.0-158"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"product_id": "odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.15.0-79"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"product": {
"name": "odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"product_id": "odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-cli-rhel9\u0026tag=v4.15.0-22"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"product": {
"name": "odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"product_id": "odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel9\u0026tag=v4.15.0-57"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"product": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"product_id": "odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9\u0026tag=v4.15.0-6"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"product": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"product_id": "odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.15.0-158"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.15.0-15"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.15.0-15"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"product": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"product_id": "odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9\u0026tag=v4.15.0-54"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"product": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"product_id": "odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.15.0-158"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.15.0-10"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"product_id": "odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.15.0-26"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"product": {
"name": "odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"product_id": "odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.15.0-158"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"product_id": "odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.15.0-19"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"product": {
"name": "odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"product_id": "odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.15.0-158"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"product": {
"name": "odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"product_id": "odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.15.0-158"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"product_id": "odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.15.0-21"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64",
"product": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64",
"product_id": "odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a?arch=amd64\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator\u0026tag=v4.15.0-103"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"product": {
"name": "odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"product_id": "odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9\u0026tag=v4.15.0-37"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"product_id": "odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.15.0-68"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"product": {
"name": "odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"product_id": "odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.15.0-158"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"product_id": "odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.15.0-39"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"product": {
"name": "odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"product_id": "odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9\u0026tag=v4.15.0-58"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"product": {
"name": "odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"product_id": "odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.15.0-158"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.15.0-13"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"product": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"product_id": "odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9\u0026tag=v4.15.0-81"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"product": {
"name": "odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"product_id": "odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.15.0-158"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"product_id": "odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.15.0-79"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"product": {
"name": "odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"product_id": "odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-cli-rhel9\u0026tag=v4.15.0-22"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"product": {
"name": "odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"product_id": "odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel9\u0026tag=v4.15.0-57"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"product": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"product_id": "odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9\u0026tag=v4.15.0-6"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"product": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"product_id": "odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.15.0-158"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.15.0-15"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.15.0-15"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"product": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"product_id": "odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9\u0026tag=v4.15.0-54"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"product": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"product_id": "odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.15.0-158"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.15.0-10"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"product_id": "odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.15.0-26"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"product": {
"name": "odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"product_id": "odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.15.0-158"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"product_id": "odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.15.0-19"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"product": {
"name": "odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"product_id": "odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.15.0-158"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"product": {
"name": "odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"product_id": "odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.15.0-158"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"product_id": "odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.15.0-21"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"product": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"product_id": "odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator\u0026tag=v4.15.0-103"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"product_id": "odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e?arch=arm64\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.15.0-68"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"product_id": "odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872?arch=arm64\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.15.0-39"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708?arch=arm64\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.15.0-13"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"product_id": "odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198?arch=arm64\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.15.0-79"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"product": {
"name": "odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"product_id": "odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-cli-rhel9\u0026tag=v4.15.0-22"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.15.0-15"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.15.0-15"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.15.0-10"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"product_id": "odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.15.0-26"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"product_id": "odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.15.0-19"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"product_id": "odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.15.0-21"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64 as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64"
},
"product_reference": "odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x"
},
"product_reference": "odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le"
},
"product_reference": "odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64 as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64 as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64 as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64"
},
"product_reference": "odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x"
},
"product_reference": "odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le"
},
"product_reference": "odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64 as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64 as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64 as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64"
},
"product_reference": "odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le"
},
"product_reference": "odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x"
},
"product_reference": "odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x"
},
"product_reference": "odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64 as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64"
},
"product_reference": "odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le"
},
"product_reference": "odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64 as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64 as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x"
},
"product_reference": "odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le"
},
"product_reference": "odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64 as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64"
},
"product_reference": "odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le"
},
"product_reference": "odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64 as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64"
},
"product_reference": "odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x"
},
"product_reference": "odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64 as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64 as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64 as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64"
},
"product_reference": "odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le"
},
"product_reference": "odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x"
},
"product_reference": "odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64 as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64"
},
"product_reference": "odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x"
},
"product_reference": "odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64 as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64"
},
"product_reference": "odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le"
},
"product_reference": "odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x"
},
"product_reference": "odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64 as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64"
},
"product_reference": "odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le"
},
"product_reference": "odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64 as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64"
},
"product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le"
},
"product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x"
},
"product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64 as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64 as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64 as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64 as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le"
},
"product_reference": "odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64 as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64"
},
"product_reference": "odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x"
},
"product_reference": "odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64 as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64"
},
"product_reference": "odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x"
},
"product_reference": "odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le"
},
"product_reference": "odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64 as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64 as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64 as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64 as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le"
},
"product_reference": "odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64 as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64"
},
"product_reference": "odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x"
},
"product_reference": "odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64 as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64 as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64 as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64"
},
"product_reference": "odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x"
},
"product_reference": "odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le"
},
"product_reference": "odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64 as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64"
},
"product_reference": "odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x"
},
"product_reference": "odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le"
},
"product_reference": "odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64 as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64 as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le"
},
"product_reference": "odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x"
},
"product_reference": "odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"relates_to_product_reference": "9Base-RHODF-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64 as a component of RHODF 4.15 for RHEL 9",
"product_id": "9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
},
"product_reference": "odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64",
"relates_to_product_reference": "9Base-RHODF-4.15"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-35937",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2021-03-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1964125"
}
],
"notes": [
{
"category": "description",
"text": "A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501, potentially gaining root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rpm: TOCTOU race in checks for unsafe symlinks",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "System and service accounts may have the required permissions to exploit this flaw. Conversely, regular user accounts should not be allowed to manipulate RPM artifacts during installation, thus reducing the attack surface and hence the impact of this flaw considerably.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-35937"
},
{
"category": "external",
"summary": "RHBZ#1964125",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964125"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-35937",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35937"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35937",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35937"
}
],
"release_date": "2021-06-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-19T15:19:34+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1383"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rpm: TOCTOU race in checks for unsafe symlinks"
},
{
"cve": "CVE-2021-35938",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"discovery_date": "2021-03-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1964114"
}
],
"notes": [
{
"category": "description",
"text": "A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use this flaw to exchange the original file with a symbolic link to a security-critical file and escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rpm: races with chown/chmod/capabilities calls during installation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "System and service accounts may have the required permissions to exploit this flaw. Conversely, regular user accounts should not be allowed to manipulate RPM artifacts during installation, thus reducing the attack surface and hence the impact of this flaw considerably.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-35938"
},
{
"category": "external",
"summary": "RHBZ#1964114",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964114"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-35938",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35938"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35938",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35938"
},
{
"category": "external",
"summary": "https://rpm.org/wiki/Releases/4.18.0",
"url": "https://rpm.org/wiki/Releases/4.18.0"
}
],
"release_date": "2021-06-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-19T15:19:34+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1383"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rpm: races with chown/chmod/capabilities calls during installation"
},
{
"cve": "CVE-2021-35939",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"discovery_date": "2021-03-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1964129"
}
],
"notes": [
{
"category": "description",
"text": "It was found that the fix for CVE-2017-7500 and CVE-2017-7501 was incomplete: the check was only implemented for the parent directory of the file to be created. A local unprivileged user who owns another ancestor directory could potentially use this flaw to gain root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rpm: checks for unsafe symlinks are not performed for intermediary directories",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "System and service accounts may have the required permissions to exploit this flaw. Conversely, regular user accounts should not be allowed to manipulate RPM artifacts during installation, thus reducing the attack surface and hence the impact of this flaw considerably.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-35939"
},
{
"category": "external",
"summary": "RHBZ#1964129",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964129"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-35939",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35939"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35939",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35939"
},
{
"category": "external",
"summary": "https://rpm.org/wiki/Releases/4.18.0",
"url": "https://rpm.org/wiki/Releases/4.18.0"
}
],
"release_date": "2021-06-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-19T15:19:34+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1383"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rpm: checks for unsafe symlinks are not performed for intermediary directories"
},
{
"cve": "CVE-2023-3462",
"cwe": {
"id": "CWE-203",
"name": "Observable Discrepancy"
},
"discovery_date": "2023-08-01T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2228020"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the HashiCorp Vault. The Vault and Vault Enterprise (\u201cVault\u201d) LDAP auth method allows unauthenticated users to potentially enumerate valid accounts in the configured LDAP system by observing the response error when querying usernames.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Hashicorp/vault: Vault\u2019s LDAP Auth Method Allows for User Enumeration",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64"
],
"known_not_affected": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-3462"
},
{
"category": "external",
"summary": "RHBZ#2228020",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228020"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-3462",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3462"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-3462",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3462"
},
{
"category": "external",
"summary": "https://discuss.hashicorp.com/t/hcsec-2023-24-vaults-ldap-auth-method-allows-for-user-enumeration/56714",
"url": "https://discuss.hashicorp.com/t/hcsec-2023-24-vaults-ldap-auth-method-allows-for-user-enumeration/56714"
}
],
"release_date": "2023-07-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-19T15:19:34+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1383"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Hashicorp/vault: Vault\u2019s LDAP Auth Method Allows for User Enumeration"
},
{
"acknowledgments": [
{
"names": [
"Tony Battersby"
],
"organization": "Cybernetics",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2023-5363",
"cwe": {
"id": "CWE-325",
"name": "Missing Cryptographic Step"
},
"discovery_date": "2023-10-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243839"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL in how it processes key and initialization vector (IV) lengths. This issue can lead to potential truncation or overruns during the initialization of some symmetric ciphers. A truncation in the IV can result in non-uniqueness, which could result in loss of confidentiality for some cipher modes. Both truncations and overruns of the key and the IV will produce incorrect results and could, in some cases, trigger a memory exception.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Incorrect cipher key and IV length processing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The identified bug in the processing of key and initialization vector (IV) lengths within certain symmetric cipher modes poses a moderate severity risk due to its potential impact on data confidentiality and integrity. While the truncation or overreading of key and IV lengths could lead to incorrect cryptographic operations and potential memory exceptions, the probability of exploitation is mitigated by several factors. Firstly, the affected API was recently introduced, limiting its widespread adoption. Secondly, altering key and IV lengths is not a common operation in most cryptographic implementations. Furthermore, the likelihood of vulnerability is reduced by the necessity for both communication peers to be similarly affected for decryption failures to occur, which would likely be detected during testing.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-5363"
},
{
"category": "external",
"summary": "RHBZ#2243839",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243839"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-5363",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5363"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20231024.txt",
"url": "https://www.openssl.org/news/secadv/20231024.txt"
}
],
"release_date": "2023-10-24T15:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-19T15:19:34+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1383"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Incorrect cipher key and IV length processing"
},
{
"cve": "CVE-2023-5954",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2023-11-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2249115"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in The HashiCorp Vault, which may be susceptible to a denial of service due to an unbounded consumption of memory when handling policy requests. This issue may allow an attacker to trigger policy checks by sending multiple inbound client requests that create a logger that is never removed from memory, leading to excessive memory consumption, causing a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vault: inbound client requests can trigger a denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x"
],
"known_not_affected": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-5954"
},
{
"category": "external",
"summary": "RHBZ#2249115",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2249115"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-5954",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5954"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-5954",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5954"
},
{
"category": "external",
"summary": "https://discuss.hashicorp.com/t/hcsec-2023-33-vault-requests-triggering-policy-checks-may-lead-to-unbounded-memory-consumption/59926",
"url": "https://discuss.hashicorp.com/t/hcsec-2023-33-vault-requests-triggering-policy-checks-may-lead-to-unbounded-memory-consumption/59926"
}
],
"release_date": "2023-11-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-19T15:19:34+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1383"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vault: inbound client requests can trigger a denial of service"
},
{
"acknowledgments": [
{
"names": [
"Daiki Ueno"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2023-5981",
"cwe": {
"id": "CWE-203",
"name": "Observable Discrepancy"
},
"discovery_date": "2023-11-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2248445"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gnutls: timing side-channel in the RSA-PSK authentication",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-5981"
},
{
"category": "external",
"summary": "RHBZ#2248445",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248445"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-5981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5981"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-5981",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5981"
},
{
"category": "external",
"summary": "https://gnutls.org/security-new.html#GNUTLS-SA-2023-10-23",
"url": "https://gnutls.org/security-new.html#GNUTLS-SA-2023-10-23"
}
],
"release_date": "2023-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-19T15:19:34+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1383"
},
{
"category": "workaround",
"details": "To address the issue found upgrade to GnuTLS 3.8.2 or later versions.",
"product_ids": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "gnutls: timing side-channel in the RSA-PSK authentication"
},
{
"cve": "CVE-2023-7104",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2023-12-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2256194"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in SQLite3. This issue affects the sessionReadRecord function of the ext/session/sqlite3session.c function in the make alltest Handler component. Manipulation may cause a heap-based buffer overflow to occur.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sqlite: heap-buffer-overflow at sessionfuzz",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as having a moderate impact because it affects a non-critical component, lacks details on an easy exploitation method, and doesn\u0027t indicate severe impacts (such as remote code execution). So the risk is reduced by exploitation complexity and the absence of a clear and severe threat.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-7104"
},
{
"category": "external",
"summary": "RHBZ#2256194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-7104",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7104"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-7104",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-7104"
}
],
"release_date": "2023-12-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-19T15:19:34+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1383"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "sqlite: heap-buffer-overflow at sessionfuzz"
},
{
"cve": "CVE-2023-24532",
"cwe": {
"id": "CWE-682",
"name": "Incorrect Calculation"
},
"discovery_date": "2023-07-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2223355"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the crypto/internal/nistec golang library. The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars, such as a scalar larger than the order of the curve. This does not impact usages of crypto/ecdsa or crypto/ecdh.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24532"
},
{
"category": "external",
"summary": "RHBZ#2223355",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2223355"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24532",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24532"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24532",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24532"
},
{
"category": "external",
"summary": "https://go.dev/cl/471255",
"url": "https://go.dev/cl/471255"
},
{
"category": "external",
"summary": "https://go.dev/issue/58647",
"url": "https://go.dev/issue/58647"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/3-TpUx48iQY",
"url": "https://groups.google.com/g/golang-announce/c/3-TpUx48iQY"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-1621",
"url": "https://pkg.go.dev/vuln/GO-2023-1621"
}
],
"release_date": "2023-03-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-19T15:19:34+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1383"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results"
},
{
"cve": "CVE-2023-26159",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-01-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2256413"
}
],
"notes": [
{
"category": "description",
"text": "An Improper Input Validation flaw was found in follow-redirects due to the improper handling of URLs by the url.parse() function. When a new URL() throws an error, it can be manipulated to misinterpret the hostname. This issue could allow an attacker to redirect traffic to a malicious site, potentially leading to information disclosure, phishing attacks, or other security breaches.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "follow-redirects: Improper Input Validation due to the improper handling of URLs by the url.parse()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "follow-redirects is a transitive dependency of Grafana, and does not affect Red Hat Enterprise Linux 8.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x"
],
"known_not_affected": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-26159"
},
{
"category": "external",
"summary": "RHBZ#2256413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256413"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-26159",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26159"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-26159",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26159"
}
],
"release_date": "2024-01-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-19T15:19:34+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1383"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "follow-redirects: Improper Input Validation due to the improper handling of URLs by the url.parse()"
},
{
"cve": "CVE-2023-27043",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-05-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2196183"
}
],
"notes": [
{
"category": "description",
"text": "The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Versions of python36:3.6/python36 as shipped with Red Hat Enterprise Linux 8 are marked as \u0027Not affected\u0027 as they just provide \"symlinks\" to the main python3 component, which provides the actual interpreter of the Python programming language.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-27043"
},
{
"category": "external",
"summary": "RHBZ#2196183",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196183"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-27043",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27043"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/7051467",
"url": "https://access.redhat.com/articles/7051467"
}
],
"release_date": "2023-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-19T15:19:34+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1383"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple"
},
{
"cve": "CVE-2023-28486",
"cwe": {
"id": "CWE-117",
"name": "Improper Output Neutralization for Logs"
},
"discovery_date": "2023-03-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2179272"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the sudo package, shipped with Red Hat Enterprise Linux 8 and 9, where sudo improperly escapes terminal control characters during logging operations. As sudo\u0027s log messages may contain user-controlled strings, this may allow an attacker to inject terminal control commands, leading to a leak of restricted information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sudo: Sudo does not escape control characters in log messages",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-28486"
},
{
"category": "external",
"summary": "RHBZ#2179272",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179272"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-28486",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28486"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28486",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28486"
}
],
"release_date": "2023-03-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-19T15:19:34+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1383"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "sudo: Sudo does not escape control characters in log messages"
},
{
"cve": "CVE-2023-28487",
"cwe": {
"id": "CWE-117",
"name": "Improper Output Neutralization for Logs"
},
"discovery_date": "2023-03-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2179273"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the sudo package, shipped with Red Hat Enterprise Linux 8 and 9, where the \"sudoreplay -l\u0027 command improperly escapes terminal control characters. As sudo\u0027s log messages may contain user-controlled strings, this could allow an attacker to inject terminal control commands, leading to a leak of restricted information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sudo: Sudo does not escape control characters in sudoreplay output",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-28487"
},
{
"category": "external",
"summary": "RHBZ#2179273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179273"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-28487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28487"
}
],
"release_date": "2023-03-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-19T15:19:34+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1383"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "sudo: Sudo does not escape control characters in sudoreplay output"
},
{
"cve": "CVE-2023-29406",
"cwe": {
"id": "CWE-113",
"name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)"
},
"discovery_date": "2023-07-12T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2222167"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang, where it is vulnerable to HTTP header injection caused by improper content validation of the Host header by the HTTP/1 client. A remote attacker can inject arbitrary HTTP headers by persuading a victim to visit a specially crafted Web page. This flaw allows the attacker to conduct various attacks against the vulnerable system, including Cross-site scripting, cache poisoning, or session hijacking.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: insufficient sanitization of Host header",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-29406"
},
{
"category": "external",
"summary": "RHBZ#2222167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222167"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-29406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-29406",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29406"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0",
"url": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0"
}
],
"release_date": "2023-07-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-19T15:19:34+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1383"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: insufficient sanitization of Host header"
},
{
"cve": "CVE-2023-29409",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-08-03T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2228743"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability was found in the Golang Go package caused by an uncontrolled resource consumption flaw. By persuading a victim to use a specially crafted certificate with large RSA keys, a remote attacker can cause a client/server to expend significant CPU time verifying signatures, resulting in a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: slow verification of certificate chains containing large RSA keys",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-29409"
},
{
"category": "external",
"summary": "RHBZ#2228743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228743"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-29409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-29409",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29409"
},
{
"category": "external",
"summary": "https://go.dev/cl/515257",
"url": "https://go.dev/cl/515257"
},
{
"category": "external",
"summary": "https://go.dev/issue/61460",
"url": "https://go.dev/issue/61460"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ",
"url": "https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-1987",
"url": "https://pkg.go.dev/vuln/GO-2023-1987"
}
],
"release_date": "2023-08-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-19T15:19:34+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1383"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: slow verification of certificate chains containing large RSA keys"
},
{
"acknowledgments": [
{
"names": [
"Takeshi Kaneko"
],
"organization": "GMO Cybersecurity by Ierae, Inc."
}
],
"cve": "CVE-2023-39318",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-09-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2237776"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang. The html/template package did not properly handle HMTL-like \"\u003c!--\" and \"--\u003e\" comment tokens, nor hashbang \"#!\" comment tokens, in \u003cscript\u003e contexts. This issue may cause the template parser to improperly interpret the contents of \u003cscript\u003e contexts, causing actions to be improperly escaped.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: html/template: improper handling of HTML-like comments within script contexts",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39318"
},
{
"category": "external",
"summary": "RHBZ#2237776",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237776"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39318",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39318"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39318",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39318"
},
{
"category": "external",
"summary": "https://go.dev/cl/526156",
"url": "https://go.dev/cl/526156"
},
{
"category": "external",
"summary": "https://go.dev/issue/62196",
"url": "https://go.dev/issue/62196"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ",
"url": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2023-2041.json",
"url": "https://vuln.go.dev/ID/GO-2023-2041.json"
}
],
"release_date": "2023-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-19T15:19:34+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1383"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: html/template: improper handling of HTML-like comments within script contexts"
},
{
"acknowledgments": [
{
"names": [
"Takeshi Kaneko"
],
"organization": "GMO Cybersecurity by Ierae, Inc."
}
],
"cve": "CVE-2023-39319",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-09-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2237773"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang. The html/template package did not apply the proper rules for handling occurrences of \"\u003cscript\", \"\u003c!--\", and \"\u003c/script\" within JS literals in \u003cscript\u003e contexts. This issue may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: html/template: improper handling of special tags within script contexts",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39319"
},
{
"category": "external",
"summary": "RHBZ#2237773",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237773"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39319"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39319",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39319"
},
{
"category": "external",
"summary": "https://go.dev/cl/526157",
"url": "https://go.dev/cl/526157"
},
{
"category": "external",
"summary": "https://go.dev/issue/62197",
"url": "https://go.dev/issue/62197"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ",
"url": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2023-2043.json",
"url": "https://vuln.go.dev/ID/GO-2023-2043.json"
}
],
"release_date": "2023-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-19T15:19:34+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1383"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: html/template: improper handling of special tags within script contexts"
},
{
"acknowledgments": [
{
"names": [
"Martin Seemann"
]
}
],
"cve": "CVE-2023-39321",
"discovery_date": "2023-09-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2237777"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang. Processing an incomplete post-handshake message for a QUIC connection caused a panic.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: panic when processing post-handshake message on QUIC connections",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39321"
},
{
"category": "external",
"summary": "RHBZ#2237777",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237777"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39321"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39321",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39321"
},
{
"category": "external",
"summary": "https://go.dev/cl/523039",
"url": "https://go.dev/cl/523039"
},
{
"category": "external",
"summary": "https://go.dev/issue/62266",
"url": "https://go.dev/issue/62266"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ",
"url": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2023-2044.json",
"url": "https://vuln.go.dev/ID/GO-2023-2044.json"
}
],
"release_date": "2023-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-19T15:19:34+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1383"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: panic when processing post-handshake message on QUIC connections"
},
{
"acknowledgments": [
{
"names": [
"Marten Seemann"
]
}
],
"cve": "CVE-2023-39322",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-09-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2237778"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang. QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With the fix, connections now consistently reject messages larger than 65KiB in size.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: lack of a limit on buffered post-handshake",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39322"
},
{
"category": "external",
"summary": "RHBZ#2237778",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237778"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39322"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39322",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39322"
},
{
"category": "external",
"summary": "https://go.dev/cl/523039",
"url": "https://go.dev/cl/523039"
},
{
"category": "external",
"summary": "https://go.dev/issue/62266",
"url": "https://go.dev/issue/62266"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ",
"url": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2023-2045.json",
"url": "https://vuln.go.dev/ID/GO-2023-2045.json"
}
],
"release_date": "2023-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-19T15:19:34+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1383"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: lack of a limit on buffered post-handshake"
},
{
"cve": "CVE-2023-39615",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2023-08-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2235864"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Libxml2, where it contains a global buffer overflow via the xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a denial of service (DoS) by supplying a crafted XML file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: crafted xml can cause global buffer overflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39615"
},
{
"category": "external",
"summary": "RHBZ#2235864",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2235864"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39615",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39615"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39615",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39615"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/535",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/535"
}
],
"release_date": "2023-08-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-19T15:19:34+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1383"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxml2: crafted xml can cause global buffer overflow"
},
{
"cve": "CVE-2023-42282",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2024-02-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2265161"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the NPM IP Package. This flaw allows an attacker to perform arbitrary code execution and obtain sensitive information via the isPublic() function by inducing a Server-Side Request Forgery (SSRF) attack and obtaining access to normally inaccessible resources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ip: arbitrary code execution via the isPublic() function",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "It appears that npm does not utilize the bundled code therefore Red Hat Enterprise Linux is not affected by this vulnerability.\n\nWhile the vulnerability in the NPM IP Package presents a significant security concern, it\u0027s categorized as important rather than critical due to several factors. Firstly, the misclassification of the private IP address 0x7f.1 as public by the isPublic() function does not directly lead to remote code execution or unauthorized access to critical systems. Instead, it facilitates SSRF attacks, which typically require additional conditions to fully exploit, such as the ability to influence server-side requests and responses. Additionally, the impact of SSRF attacks can vary depending on the specific environment and configuration of the affected system. While SSRF attacks can potentially lead to data exposure, service disruption, or lateral movement within a network, their severity is often mitigated by factors such as network segmentation, access controls, and the availability of sensitive resources.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64"
],
"known_not_affected": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-42282"
},
{
"category": "external",
"summary": "RHBZ#2265161",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265161"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-42282",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42282"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-42282",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-42282"
},
{
"category": "external",
"summary": "https://cosmosofcyberspace.github.io/npm_ip_cve/npm_ip_cve.html",
"url": "https://cosmosofcyberspace.github.io/npm_ip_cve/npm_ip_cve.html"
}
],
"release_date": "2024-02-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-19T15:19:34+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1383"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nodejs-ip: arbitrary code execution via the isPublic() function"
},
{
"cve": "CVE-2023-42465",
"cwe": {
"id": "CWE-1319",
"name": "Improper Protection against Electromagnetic Fault Injection (EM-FI)"
},
"discovery_date": "2023-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2255568"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the sudo package. This issue could allow a local authenticated attacker to cause a bit to flip, which enables fault injection and may authenticate as the root user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sudo: Targeted Corruption of Register and Stack Variables",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "\"Mayhem\" is a potent attack technique that focuses on the core components of computing systems, specifically the CPU internals and stack variables. This method signifies a noteworthy advancement in cyber threats, demonstrating a successful ability to tamper with a computer\u0027s memory and compromise both stack and register variables. Capitalizing on the well-known Rowhammer effect, wherein swift access to a DRAM row induces bit flips in neighboring rows, this clever attack exploits these bit flips to disrupt stack variables and manipulate register values within a given process. The manipulation is accomplished by targeting register values stored in the process\u0027s stack, which, once flushed out to memory, become vulnerable to Rowhammer attacks. When reloaded, these corrupted values cause chaos, compromising the integrity of the entire process. It\u0027s important to note that this attack is confined to the local system, leading us to categorize it as a moderate threat.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-42465"
},
{
"category": "external",
"summary": "RHBZ#2255568",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255568"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-42465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42465"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-42465",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-42465"
},
{
"category": "external",
"summary": "https://arxiv.org/pdf/2309.02545.pdf",
"url": "https://arxiv.org/pdf/2309.02545.pdf"
},
{
"category": "external",
"summary": "https://github.com/sudo-project/sudo/commit/7873f8334c8d31031f8cfa83bd97ac6029309e4f",
"url": "https://github.com/sudo-project/sudo/commit/7873f8334c8d31031f8cfa83bd97ac6029309e4f"
}
],
"release_date": "2023-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-19T15:19:34+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1383"
},
{
"category": "workaround",
"details": "In general to address this issue, it\u0027s crucial to implement robust logic that prevents unintended execution from a single-bit flip. \n\nBut mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "sudo: Targeted Corruption of Register and Stack Variables"
},
{
"cve": "CVE-2023-43646",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-09-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2241149"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the get-func-name package in the chai module. Affected versions of this package are vulnerable to Regular expression denial of service (ReDoS) attacks, affecting system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "get-func-name: ReDoS in chai module",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "- This vulnerability can be exploited when there is an imbalance in parentheses, which results in excessive backtracking and subsequently increases the CPU load and processing time significantly. This vulnerability can be triggered using the following input: \u0027\\t\u0027.repeat(54773) + \u0027\\t/function/i\u0027\n\n- The get-func-name package is a build-time dependency in Red Hat products, which reduces the chance of successful exploitation. Hence, the impact is set to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-43646"
},
{
"category": "external",
"summary": "RHBZ#2241149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241149"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-43646",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43646"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-43646",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-43646"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-4q6p-r6v2-jvc5",
"url": "https://github.com/advisories/GHSA-4q6p-r6v2-jvc5"
},
{
"category": "external",
"summary": "https://github.com/chaijs/get-func-name/blob/78ad756441a83f3dc203e50f76c113ae3ac017dc/index.js#L15",
"url": "https://github.com/chaijs/get-func-name/blob/78ad756441a83f3dc203e50f76c113ae3ac017dc/index.js#L15"
}
],
"release_date": "2023-09-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-19T15:19:34+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1383"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "get-func-name: ReDoS in chai module"
},
{
"cve": "CVE-2023-43804",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2023-10-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242493"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3, a user-friendly HTTP client library for Python. urllib3 doesn\u0027t treat the `Cookie` HTTP header special or provide any helpers for managing cookies over HTTP, which is the responsibility of the user. However, it is possible for a user to specify a `Cookie` header and unknowingly leak information via HTTP redirects to a different origin if that user doesn\u0027t disable redirects explicitly.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-urllib3: Cookie request header isn\u0027t stripped during cross-origin redirects",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-43804"
},
{
"category": "external",
"summary": "RHBZ#2242493",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242493"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-43804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43804"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-43804",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-43804"
}
],
"release_date": "2023-10-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-19T15:19:34+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1383"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-urllib3: Cookie request header isn\u0027t stripped during cross-origin redirects"
},
{
"cve": "CVE-2023-45803",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2023-10-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2246840"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3, an HTTP client library for Python. urllib3 doesn\u0027t remove the HTTP request body when an HTTP redirect response using status 301, 302, or 303, after changing the method in a request from one that could accept a request body such as `POST` to `GET`, as is required by HTTP RFCs. This issue requires a previously trusted service to become compromised in order to have an impact on confidentiality, therefore, the exploitability of this vulnerability is low. Additionally, many users aren\u0027t putting sensitive data in HTTP request bodies; if this is the case, this vulnerability isn\u0027t exploitable.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: Request body not stripped after redirect from 303 status changes request method to GET",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Both of the following conditions must be true to be affected by this vulnerability: \n1. Using urllib3 and submitting sensitive information in the HTTP request body such as form data or JSON\n2. The origin service is compromised and starts redirecting using 301, 302, or 303 to a malicious peer or the redirected-to service becomes compromised",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45803"
},
{
"category": "external",
"summary": "RHBZ#2246840",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2246840"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45803"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45803",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45803"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/4e98d57809dacab1cbe625fddeec1a290c478ea9",
"url": "https://github.com/urllib3/urllib3/commit/4e98d57809dacab1cbe625fddeec1a290c478ea9"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-g4mx-q9vg-27p4",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-g4mx-q9vg-27p4"
},
{
"category": "external",
"summary": "https://www.rfc-editor.org/rfc/rfc9110.html#name-get",
"url": "https://www.rfc-editor.org/rfc/rfc9110.html#name-get"
}
],
"release_date": "2023-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-19T15:19:34+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1383"
},
{
"category": "workaround",
"details": "Users unable to update should disable redirects for services that aren\u0027t expecting to respond with redirects with `redirects=False`, disable automatic redirects with `redirects=False`, and handle 301, 302, and 303 redirects manually by stripping the HTTP request body.",
"product_ids": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "urllib3: Request body not stripped after redirect from 303 status changes request method to GET"
},
{
"acknowledgments": [
{
"names": [
"Harry Sintonen"
],
"organization": "reported"
},
{
"names": [
"Daniel Stenberg"
],
"organization": "patched"
}
],
"cve": "CVE-2023-46218",
"cwe": {
"id": "CWE-201",
"name": "Insertion of Sensitive Information Into Sent Data"
},
"discovery_date": "2023-11-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2252030"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in curl that verifies a given cookie domain against the Public Suffix List. This issue could allow a malicious HTTP server to set \"super cookies\" in curl that are passed back to more origins than what is otherwise allowed or possible.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: information disclosure by exploiting a mixed case flaw",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "When curl is built without PSL support, it cannot protect against this problem but it is expected to not allow \"too wide\" cookies when PSL support is enabled.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-46218"
},
{
"category": "external",
"summary": "RHBZ#2252030",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252030"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-46218",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46218"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2023-46218.html",
"url": "https://curl.se/docs/CVE-2023-46218.html"
}
],
"release_date": "2023-12-06T07:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-19T15:19:34+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1383"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "curl: information disclosure by exploiting a mixed case flaw"
},
{
"cve": "CVE-2023-48631",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2023-12-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2254559"
}
],
"notes": [
{
"category": "description",
"text": "A Regular Expression Denial of Service (ReDoS) vulnerability was found in Adobe\u0027s css-tools when parsing CSS. This issue occurs due to improper input validation and may allow an attacker to use a carefully crafted input string to cause a denial of service, especially when attempting to parse CSS.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "css-tools: regular expression denial of service (ReDoS) when parsing CSS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Regular Expression Denial of Service (ReDoS) vulnerability in css-tools, triggered by improper input validation when parsing CSS, is considered of moderate severity. While it can lead to a denial of service by causing the application to become unresponsive, the impact is limited to scenarios where an attacker can provide crafted input. Additionally, the absence of evidence of active exploitation in the wild and contextual factors, such as the software\u0027s usage, contribute to the moderate severity rating.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-48631"
},
{
"category": "external",
"summary": "RHBZ#2254559",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254559"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-48631",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48631"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-48631",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48631"
},
{
"category": "external",
"summary": "https://github.com/adobe/css-tools/security/advisories/GHSA-prr3-c3m5-p7q2",
"url": "https://github.com/adobe/css-tools/security/advisories/GHSA-prr3-c3m5-p7q2"
}
],
"release_date": "2023-12-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-19T15:19:34+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1383"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "css-tools: regular expression denial of service (ReDoS) when parsing CSS"
},
{
"cve": "CVE-2023-48795",
"cwe": {
"id": "CWE-222",
"name": "Truncation of Security-relevant Information"
},
"discovery_date": "2023-12-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2254210"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is classified as moderate because the attack requires an active Man-in-the-Middle (MITM) who can intercept and modify the connection\u0027s traffic at the TCP/IP layer.\n\nAlthough the attack is cryptographically innovative, its security impact is fortunately quite limited. It only allows the deletion of consecutive messages, and deleting most messages at this protocol stage prevents user authentication from proceeding, leading to a stalled connection.\n\nThe most significant identified impact is that it enables a MITM to delete the SSH2_MSG_EXT_INFO message sent before authentication begins. This allows the attacker to disable a subset of keystroke timing obfuscation features. However, there is no other observable impact on session secrecy or session integrity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-48795"
},
{
"category": "external",
"summary": "RHBZ#2254210",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/7071748",
"url": "https://access.redhat.com/solutions/7071748"
},
{
"category": "external",
"summary": "https://terrapin-attack.com/",
"url": "https://terrapin-attack.com/"
}
],
"release_date": "2023-12-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-19T15:19:34+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1383"
},
{
"category": "workaround",
"details": "Update to the last version and check that client and server provide kex pseudo-algorithms indicating usage of the updated version of the protocol which is protected from the attack. If \"kex-strict-c-v00@openssh.com\" is provided by clients and \"kex-strict-s-v00@openssh.com\" is in the server\u0027s reply, no other steps are necessary.\n\nDisabling ciphers if necessary:\n\nIf \"kex-strict-c-v00@openssh.com\" is not provided by clients or \"kex-strict-s-v00@openssh.com\" is absent in the server\u0027s reply, you can disable the following ciphers and HMACs as a workaround on RHEL-8 and RHEL-9:\n\n1. chacha20-poly1305@openssh.com\n2. hmac-sha2-512-etm@openssh.com\n3. hmac-sha2-256-etm@openssh.com\n4. hmac-sha1-etm@openssh.com\n5. hmac-md5-etm@openssh.com\n\nTo do that through crypto-policies, one can apply a subpolicy with the following content:\n```\ncipher@SSH = -CHACHA20-POLY1305\nssh_etm = 0\n```\ne.g., by putting these lines into `/etc/crypto-policies/policies/modules/CVE-2023-48795.pmod`, applying the resulting subpolicy with `update-crypto-policies --set $(update-crypto-policies --show):CVE-2023-48795` and restarting openssh server.\n\nOne can verify that the changes are in effect by ensuring the ciphers listed above are missing from both `/etc/crypto-policies/back-ends/openssh.config` and `/etc/crypto-policies/back-ends/opensshserver.config`.\n\nFor more details on using crypto-policies, please refer to https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening\n\nNote that this procedure does limit the interoperability of the host and is only suggested as a temporary mitigation until the issue is fully resolved with an update.\n\nFor RHEL-7: \nWe can recommend to use strict MACs and Ciphers on RHEL7 in both files /etc/ssh/ssh_config and /etc/ssh/sshd_config.\n\nBelow strict set of Ciphers and MACs can be used as mitigation for RHEL 7.\n\n```\nCiphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com\nMACs umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512\n```\n\n- For Openshift Container Platform 4:\nPlease refer the KCS[1] document for verifying the fix in RHCOS.\n\n[1] https://access.redhat.com/solutions/7071748",
"product_ids": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)"
},
{
"cve": "CVE-2023-51385",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2023-12-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2255271"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSH. In certain circumstances, a remote attacker may be able to execute arbitrary OS commands by using expansion tokens, such as %u or %h, with user names or host names that contain shell metacharacters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssh: potential command injection via shell metacharacters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The ability to execute OS commands is dependent on what quoting is present in the user-supplied ssh_config directive. However, it is generally the user\u0027s responsibility to validate arguments passed to SSH.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-51385"
},
{
"category": "external",
"summary": "RHBZ#2255271",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255271"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-51385",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51385"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-51385",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51385"
}
],
"release_date": "2023-12-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-19T15:19:34+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1383"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssh: potential command injection via shell metacharacters"
},
{
"cve": "CVE-2024-0553",
"cwe": {
"id": "CWE-203",
"name": "Observable Discrepancy"
},
"discovery_date": "2024-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2258412"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS#1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack in the RSA-PSK key exchange, potentially leading to the leakage of sensitive data. CVE-2024-0553 is designated as an incomplete resolution for CVE-2023-5981.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gnutls: incomplete fix for CVE-2023-5981",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The identified vulnerability in the GnuTLS library, designated as CVE-2024-0553, presents a moderate severity concern due to its potential for facilitating timing side-channel attacks in RSA-PSK ciphersuites. While the flaw allows for the exploitation of timing differentials during the key exchange process, enabling attackers to infer sensitive data, its impact is constrained by several factors. Firstly, successful exploitation requires precise timing measurements and sophisticated analysis techniques, posing a significant barrier to entry for potential attackers. Additionally, the effectiveness of the attack is contingent on environmental factors such as network latency and system load, further limiting its practical feasibility. \n\n This issue marked as an incomplete resolution for a previously identified vulnerability, CVE-2023-5981, indicating a potential persistence or recurrence of the problem.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-0553"
},
{
"category": "external",
"summary": "RHBZ#2258412",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258412"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-0553",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0553"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-0553",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0553"
},
{
"category": "external",
"summary": "https://gitlab.com/gnutls/gnutls/-/issues/1522",
"url": "https://gitlab.com/gnutls/gnutls/-/issues/1522"
},
{
"category": "external",
"summary": "https://lists.gnupg.org/pipermail/gnutls-help/2024-January/004841.html",
"url": "https://lists.gnupg.org/pipermail/gnutls-help/2024-January/004841.html"
}
],
"release_date": "2024-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-19T15:19:34+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1383"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "gnutls: incomplete fix for CVE-2023-5981"
},
{
"cve": "CVE-2024-0567",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2024-01-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2258544"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certificate-ensure. This flaw allows an unauthenticated, remote client or attacker to initiate a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gnutls: rejects certificate chain with distributed trust",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The issue is marked as moderate because it involves a vulnerability in GnuTLS, specifically affecting Cockpit, which utilizes GnuTLS. The vulnerability arises when a certificate chain with distributed trust is rejected during validation using cockpit-certificate-ensure. Although this flaw could potentially be exploited by an unauthenticated remote attacker to trigger a denial of service attack on the client, it\u0027s important to note that specific server configurations are required for client authentication requests.\n\nThis is a bug in the GnuTLS library, Cockpit does not copy this code, but uses the shared lib at runtime. Hence, patching gnutls is necessary and sufficient to address this, hance Cockpit is not affected by this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-0567"
},
{
"category": "external",
"summary": "RHBZ#2258544",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258544"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-0567",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0567"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-0567",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0567"
},
{
"category": "external",
"summary": "https://gitlab.com/gnutls/gnutls/-/issues/1521",
"url": "https://gitlab.com/gnutls/gnutls/-/issues/1521"
},
{
"category": "external",
"summary": "https://lists.gnupg.org/pipermail/gnutls-help/2024-January/004841.html",
"url": "https://lists.gnupg.org/pipermail/gnutls-help/2024-January/004841.html"
}
],
"release_date": "2024-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-19T15:19:34+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1383"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:5e262fe96badcdebcf0fc40e07acecd607b83a3d48fb90b05bc89ebe790add14_amd64",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:765e623f5b4de11f0482f3abde344df4946665046c9190293a0ae9a5d0d62cd2_s390x",
"9Base-RHODF-4.15:odf4/cephcsi-rhel9@sha256:b4b66a42eb728b46ff977431fd07be976d465680f49516dac3f433cdd12e4dbc_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:23becbe8a9d70cda09e2d10fdd3411b943368a3d92535798d595d29b5bbc4f7e_arm64",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:31d951727244d235e62aed00d1121c6f8da4b9d22e895dcfdc814a8545442dac_s390x",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:b0eece2979587d7884f8707a6026e28a4aa7a3d96646b01249a9e351acf6b935_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-core-rhel9@sha256:f98634a0fa2517efb383bf6c2a4809f150408225875d7425e64a339209d72e32_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:19c29de2cf31f95e5f363064095602656355879eb19c778a8655083cebd54ce6_amd64",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:3303677bc0ba2cc5e3f55ae313b516f32378b67a20389f69e09e2c3a9738a87d_s390x",
"9Base-RHODF-4.15:odf4/mcg-operator-bundle@sha256:98fb1b9309d82c663d3118d19fe776de51a277c474a42bf249fdf075f6993bc4_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:93ed7e87e7660991843f3b2114ff2abe74f3b509c2b9a0ee32fc8707051203af_amd64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:94f6dded2ff421275b26d147e35d33e383f06ecb04cd0a618d8b4c5046d0e307_ppc64le",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d04a5a9748ac34459c21d4d10efcc9318220c7ceeeb15c41c56cae9bfbb44872_arm64",
"9Base-RHODF-4.15:odf4/mcg-rhel9-operator@sha256:d312e5adf2261eeab1106a72565652637d42e2d49d2294cb1413be62697f18d2_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:1add011155a8f31010d52ab3a441a332272ca8bc0bbe93f21d126ed99b07218a_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:abe77b4860b2c3d88b081aa0bb69c996cb83bc288209aa805de626220cc0ad48_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-console-rhel9@sha256:f1b19a6b805ad0ae2bc7dc08f2e7992e9d440bfa858d5ac2667f9311a95d6e12_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:7fdae4274b87123284a7fb6cc7b56be3e22be629ff834d658a9afd867ef6473b_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:85b41f9c66184ccc262cb8e00d3fdeb9029ca5c39df5521afb44bac604039bbe_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-operator-bundle@sha256:b081d99f0507897a3217db22bca57a948bbefdf27e30fd0506275b1dd908c7f6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:54d229a2b193748da1f66de6ce0c405f591808dd35e26dd0304582d86ba4d708_arm64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:d027156f3a8a80a12cfe6bdf207a25a3b1e0e84db9a59853072fdc6ea3766e18_s390x",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:e40c768e57bc8fc19a4028d8474cc00529b05fea3e1fdc7bd793c0b49df4891b_amd64",
"9Base-RHODF-4.15:odf4/ocs-client-rhel9-operator@sha256:f3b2c47af82b837c2f51cf04d4b7fc973bb3774151d144354d12e9893eadbcef_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:378212f323bd7dcc080f31b2f75082ec28c3d6104240c6eb2763d6bd2fc94d8e_s390x",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:c89d0ad159bff3915c121a3b97a3dc207d69cab48a25c73e27b53f2aacc6ebf7_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-metrics-exporter-rhel9@sha256:f437b8176480efc681950d885ce5a2816e3bc1a8bcb98b8d02fef7c201134c21_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:001f41ba066f39fc00818ec9982d5408415cc41cfa0c35e17a81310994e976a6_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:72c56580bab623f3e19418c52a6cc2e062c1f799e30609a4d4e292f525d01ec2_amd64",
"9Base-RHODF-4.15:odf4/ocs-operator-bundle@sha256:e63f59d7d4aeff45ffe3e5d622b0526f568f39b559f21fa87f08a69e1a8452ac_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:2ee595d52185127dbcef534dee457e9bdb2e72c7292fdafaec8f730e00762ef9_ppc64le",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:4ce02a91070158e2b0e199d6949b66daa9ecdb716dddcbc586c368cd5180dd16_s390x",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:b94cc2b0df9566a19418cd9445018c7974bdeb501b9bc26d374f8ecc400ff725_amd64",
"9Base-RHODF-4.15:odf4/ocs-rhel9-operator@sha256:f0eed493b993b35b41819c28e10218d5e3cae8da5a4fc6050a845c24b440b198_arm64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:5f9fc660dfa8507f01495558580e75612e3468fea4222f1a2fd9aac88533cdde_amd64",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:8bcf56bad8bfa401441828b8f2c77a88697f83103360f76f534abaabc7b4ed1f_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:bb23cf0882f1174a311a05c59646cb1cf30d4a74a297c854c19a26152d47ab47_s390x",
"9Base-RHODF-4.15:odf4/odf-cli-rhel9@sha256:d6ad83e3d8739bc004c3f634674badca5bfb284ef78b336f2e68509687bda0a2_arm64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:7dcf6b7101b8ebc902b7582dc2038f261b0d7f4783f0ac6ac8d97c60126801b2_s390x",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9a90552dd4d8921f3ef1f2a090140ec0d2de3ee41d1b7a6d9963104689618153_amd64",
"9Base-RHODF-4.15:odf4/odf-console-rhel9@sha256:9e12f5478515f1641afb3a4dde983671270afeed59a6372a30c74b3b7a5936a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:c7c5f4cbee26d0ef67fcf9294d3773e2e37308ae56da865cc0ad356ed8f5e206_s390x",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:d984ee4c271840b18c3b2624e24db18a7be822950d00eab744a7ccd88998c539_amd64",
"9Base-RHODF-4.15:odf4/odf-cosi-sidecar-rhel9@sha256:dbf68ee98865ddf8ace7a8f626c7c588f35724bc565ce10ffe23d4c76bf2c7e5_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:04ccc74bd95015ac4cfa72deca9fdc1b21b968e61640c525ad6e2ae5ce138cb1_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:3738a473f48376f6debe80dfed9d4decbfffd0a4ea04f59a9d20b7b6b7039830_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-operator-bundle@sha256:cc9a1591a6dde4b82a87915589458a5741566e29cc80e16f2d96bd5bafc85bbe_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:32f3f0dbf489a6db8f56235780e2dd119c6295b8fa4d5216418daa17203e38c8_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:3efe898c6142154200e47f4615acf03b0ce6c30ead6470307a782a9a2578cf53_ppc64le",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:b5ca5ce01ba5ac651a1442498c18b2620bd290d64e902f94810162e172d749ba_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-rhel9-operator@sha256:fe0cbb229b959a9fe2f47c08fbe6239a275bd30e6dc00e81e6f5f97ef8211a38_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:033f3718e8a073dc2ebc871a2c623ff684a2a9d73c46f9d300a0ca0426c1233b_amd64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:2e339236492b5bf2e881b8e88c40f54b4b0b9dddbe442363b2efb92dfd720d29_s390x",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:7c900a434cff47dae8662ff00e64542b591eb388e5aecdc9fe3746542f278f9c_arm64",
"9Base-RHODF-4.15:odf4/odf-csi-addons-sidecar-rhel9@sha256:ca132fd7b3c36d14ba87259812a92f219bc4cceb12ba30a119062b95f86963e9_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:7fcb03d69dbceff7968a78ee658c6c8318253f59262d5e3e8c898a5b45316067_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:b088bec0345723d1a1916f77908adff41574b1327428576503d15390cd26430f_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-console-rhel9@sha256:f294e16791a917b48c09d075f327e97b17cf5307356a3626da618a13952c8cfb_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:a49eef2a4eaf6751f2e2addfaecdcf2e8c44d989e5bb617747d12dbee56cc862_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:b2c64034cfa1ed2865a2f53ee075063a9b2e9c9dc288f09eec1b0e7df4e7b4ef_s390x",
"9Base-RHODF-4.15:odf4/odf-multicluster-operator-bundle@sha256:e8ff736bac5d26c34a47f72b019597b71eba1235d382b0879f21f38e366d669d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:078b72a6719351177b317ecdc257534c78fbc7ab23e0918392aea48767cbe9eb_amd64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:21f83cb5ff06ee334b44f85fe0f6dbb2e18216f27a493c56a35e319512887697_arm64",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:369d1d12a4f8d7fe23f33553e2aa7f5491e1233b988c11b71ed8f2d9d512ad1c_ppc64le",
"9Base-RHODF-4.15:odf4/odf-multicluster-rhel9-operator@sha256:d09dcf83c8efd61a8409c6677c284705a9e53a42931d2afc432e1676d308dbfe_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:1a5797806a22bd7e683138c043a45f6d59b19d6ef5d92a07cf47226991512520_s390x",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:7e8c6afa59ea01c3f827852bcbde72e129713f19bd0c3528d2b42818eedfbc5d_amd64",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ad4964e6ff46b37a4903b3cc13b216e29d07b4864b607a12db755b45884db656_ppc64le",
"9Base-RHODF-4.15:odf4/odf-must-gather-rhel9@sha256:ffca15ba53f5ba61368883cb03b21e4a3c071fc8f5565ed106e2599f55cdd402_arm64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:2df80b908fc7dfd07dae58d641d9ab412f345114bed59cdd59e7c2b9f274b1a3_ppc64le",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:3d7ea702b7c914d1708d3e01570a9d9a49880ad94f8dbe13f852d377e2de5448_amd64",
"9Base-RHODF-4.15:odf4/odf-operator-bundle@sha256:5254d6581a1e5c7bbdf2621448d812be6ae5a1931009a3f9aa1046176841f68b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:3776c9d3070eef0f138f92c1d795c5070fd36da9f253d5c40b06f2eda733415b_s390x",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:4044d62c852f88417de640f4d1c0fdf9e37d9b1c61de54ea379d321d9e04d05d_ppc64le",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:418e629e0aaf849c95257c6bcf23b3d51e87c5de7c008e7f53cd3acaa1295461_arm64",
"9Base-RHODF-4.15:odf4/odf-rhel9-operator@sha256:bfbc74cba2f0cf0daf18ff1064b72b975ec6f1d83342837673da6b2fc0cc9473_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:3744ce0820bfe62afe92f3d54dfe14e84855e31c74742e625076cb4c64a6f098_amd64",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:d9651310304b6f822609b3b4f3268582cf1d218d2ad0f123e3b09a095c78a1fd_s390x",
"9Base-RHODF-4.15:odf4/odr-cluster-operator-bundle@sha256:ebb47486174b4437bf8ccee7b642fa499e054e204d7c4cabc7f249beda3d0675_ppc64le",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:287d69fe191022e7681a5d6067128f72323cdcbc710f82e88e2cdd3d29410f9e_amd64",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:2e95ebb9976f65c2cbc4c9f96d3b262dab13aac1fb7740a1f4962d54e8a88470_s390x",
"9Base-RHODF-4.15:odf4/odr-hub-operator-bundle@sha256:95a9dfb1583482c881ded3de02d84776e3392a3d449146affaee05a289d97d45_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:1a9ee6e62764e9331fda9d9b947e011f7bc15c68edeef730780fe4b43e399a08_s390x",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:78368eb70e39f1977c0efaeff99a13f22dce181d2e8ec1dfb39fa6575c7bd6ef_ppc64le",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:b291ff5f30c8d2771315c2531e48c5484915d3ec5c3e7ca0d29157445f181b60_amd64",
"9Base-RHODF-4.15:odf4/odr-rhel9-operator@sha256:c10016cc04ebf7d944e6dbab8c15f7a60f277cb19487cf47cb8438d7060694f9_arm64",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:7066ce8a9b54bd3065d1b5a839350e7e7e57538a475873ea840435c111357e91_ppc64le",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:9e0986c18a9642b411e27b3f460c74f089ae4c15b94332999f84bfe690616ff0_s390x",
"9Base-RHODF-4.15:odf4/rook-ceph-rhel9-operator@sha256:a1f86e792657000ce9ba0faf3ee6ade5e11724146ab86b0b67e50cdab233fd4a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "gnutls: rejects certificate chain with distributed trust"
}
]
}
RHSA-2024_1557
Vulnerability from csaf_redhat - Published: 2024-03-28 05:31 - Updated: 2024-12-17 22:37Summary
Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift Builds 1.0.1
Severity
Critical
Notes
Topic: An update is now available for Red Hat OpenShift Builds 1.0.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat OpenShift Builds 1.0.
Security Fix(es):
* CVE-2023-48795 ssh: Prefix truncation attack on Binary Packet Protocol (BPP)
* CVE-2023-49569 go-git: Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients
* CVE-2023-49568 go-git: Maliciously crafted Git server replies can cause DoS on go-git clients
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.
5.9 (Medium)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A denial of service (DoS) vulnerability was found in the go library go-git. This issue may allow an attacker to perform denial of service attacks by providing specially crafted responses from a Git server, which can trigger resource exhaustion in go-git clients.
7.5 (High)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A path traversal vulnerability was discovered in the go library go-git. This issue may allow an attacker to create and amend files across the filesystem when applications are using the default ChrootOS, potentially allowing remote code execution.
8.1 (High)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Critical
References
22 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat OpenShift Builds 1.0.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Builds 1.0.\n\nSecurity Fix(es):\n\n* CVE-2023-48795 ssh: Prefix truncation attack on Binary Packet Protocol (BPP)\n* CVE-2023-49569 go-git: Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients\n* CVE-2023-49568 go-git: Maliciously crafted Git server replies can cause DoS on go-git clients\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:1557",
"url": "https://access.redhat.com/errata/RHSA-2024:1557"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "2254210",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
},
{
"category": "external",
"summary": "2258143",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258143"
},
{
"category": "external",
"summary": "2258165",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258165"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1557.json"
}
],
"title": "Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift Builds 1.0.1",
"tracking": {
"current_release_date": "2024-12-17T22:37:23+00:00",
"generator": {
"date": "2024-12-17T22:37:23+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2024:1557",
"initial_release_date": "2024-03-28T05:31:12+00:00",
"revision_history": [
{
"date": "2024-03-28T05:31:12+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-03-28T05:31:12+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T22:37:23+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Builds for Red Hat OpenShift 1.0",
"product": {
"name": "Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_builds:1.0::el8"
}
}
}
],
"category": "product_family",
"name": "Builds for Red Hat OpenShift"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
"product": {
"name": "openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
"product_id": "openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-controller-rhel8\u0026tag=v1.0.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
"product": {
"name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
"product_id": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel8\u0026tag=v1.0.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
"product": {
"name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
"product_id": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel8\u0026tag=v1.0.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
"product": {
"name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
"product_id": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel8\u0026tag=v1.0.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
"product": {
"name": "openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
"product_id": "openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-operator-bundle\u0026tag=v1.0.1-11"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
"product": {
"name": "openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
"product_id": "openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-rhel8-operator\u0026tag=v1.0.1-6"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
"product": {
"name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
"product_id": "openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel8\u0026tag=v1.0.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
"product": {
"name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
"product_id": "openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel8\u0026tag=v1.0.1-4"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
"product": {
"name": "openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
"product_id": "openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-controller-rhel8\u0026tag=v1.0.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
"product": {
"name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
"product_id": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel8\u0026tag=v1.0.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
"product": {
"name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
"product_id": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel8\u0026tag=v1.0.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
"product": {
"name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
"product_id": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel8\u0026tag=v1.0.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
"product": {
"name": "openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
"product_id": "openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-operator-bundle\u0026tag=v1.0.1-11"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
"product": {
"name": "openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
"product_id": "openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-rhel8-operator\u0026tag=v1.0.1-6"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
"product": {
"name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
"product_id": "openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel8\u0026tag=v1.0.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
"product": {
"name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
"product_id": "openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel8\u0026tag=v1.0.1-4"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
"product": {
"name": "openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
"product_id": "openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-controller-rhel8\u0026tag=v1.0.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
"product": {
"name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
"product_id": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel8\u0026tag=v1.0.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
"product": {
"name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
"product_id": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel8\u0026tag=v1.0.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
"product": {
"name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
"product_id": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel8\u0026tag=v1.0.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
"product": {
"name": "openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
"product_id": "openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-operator-bundle\u0026tag=v1.0.1-11"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
"product": {
"name": "openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
"product_id": "openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-rhel8-operator\u0026tag=v1.0.1-6"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
"product": {
"name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
"product_id": "openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel8\u0026tag=v1.0.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64",
"product": {
"name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64",
"product_id": "openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel8\u0026tag=v1.0.1-4"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
"product": {
"name": "openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
"product_id": "openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-controller-rhel8\u0026tag=v1.0.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
"product": {
"name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
"product_id": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel8\u0026tag=v1.0.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
"product": {
"name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
"product_id": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel8\u0026tag=v1.0.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
"product": {
"name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
"product_id": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel8\u0026tag=v1.0.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
"product": {
"name": "openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
"product_id": "openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-operator-bundle\u0026tag=v1.0.1-11"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
"product": {
"name": "openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
"product_id": "openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-rhel8-operator\u0026tag=v1.0.1-6"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
"product": {
"name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
"product_id": "openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel8\u0026tag=v1.0.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
"product": {
"name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
"product_id": "openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel8\u0026tag=v1.0.1-4"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x"
},
"product_reference": "openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64 as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64"
},
"product_reference": "openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le"
},
"product_reference": "openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64 as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64"
},
"product_reference": "openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64 as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64"
},
"product_reference": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le"
},
"product_reference": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64 as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64"
},
"product_reference": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x"
},
"product_reference": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le"
},
"product_reference": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64 as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64"
},
"product_reference": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x"
},
"product_reference": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64 as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64"
},
"product_reference": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64 as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64"
},
"product_reference": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x"
},
"product_reference": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64 as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64"
},
"product_reference": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le"
},
"product_reference": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le"
},
"product_reference": "openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64 as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64"
},
"product_reference": "openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x"
},
"product_reference": "openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64 as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64"
},
"product_reference": "openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64 as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64"
},
"product_reference": "openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64 as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64"
},
"product_reference": "openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le"
},
"product_reference": "openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x"
},
"product_reference": "openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64 as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64"
},
"product_reference": "openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x"
},
"product_reference": "openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64 as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64"
},
"product_reference": "openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le"
},
"product_reference": "openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64 as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64"
},
"product_reference": "openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le"
},
"product_reference": "openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x"
},
"product_reference": "openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64 as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64"
},
"product_reference": "openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-48795",
"cwe": {
"id": "CWE-222",
"name": "Truncation of Security-relevant Information"
},
"discovery_date": "2023-12-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2254210"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is classified as moderate because the attack requires an active Man-in-the-Middle (MITM) who can intercept and modify the connection\u0027s traffic at the TCP/IP layer.\n\nAlthough the attack is cryptographically innovative, its security impact is fortunately quite limited. It only allows the deletion of consecutive messages, and deleting most messages at this protocol stage prevents user authentication from proceeding, leading to a stalled connection.\n\nThe most significant identified impact is that it enables a MITM to delete the SSH2_MSG_EXT_INFO message sent before authentication begins. This allows the attacker to disable a subset of keystroke timing obfuscation features. However, there is no other observable impact on session secrecy or session integrity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-48795"
},
{
"category": "external",
"summary": "RHBZ#2254210",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/7071748",
"url": "https://access.redhat.com/solutions/7071748"
},
{
"category": "external",
"summary": "https://terrapin-attack.com/",
"url": "https://terrapin-attack.com/"
}
],
"release_date": "2023-12-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-28T05:31:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in\nthis advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1557"
},
{
"category": "workaround",
"details": "Update to the last version and check that client and server provide kex pseudo-algorithms indicating usage of the updated version of the protocol which is protected from the attack. If \"kex-strict-c-v00@openssh.com\" is provided by clients and \"kex-strict-s-v00@openssh.com\" is in the server\u0027s reply, no other steps are necessary.\n\nDisabling ciphers if necessary:\n\nIf \"kex-strict-c-v00@openssh.com\" is not provided by clients or \"kex-strict-s-v00@openssh.com\" is absent in the server\u0027s reply, you can disable the following ciphers and HMACs as a workaround on RHEL-8 and RHEL-9:\n\n1. chacha20-poly1305@openssh.com\n2. hmac-sha2-512-etm@openssh.com\n3. hmac-sha2-256-etm@openssh.com\n4. hmac-sha1-etm@openssh.com\n5. hmac-md5-etm@openssh.com\n\nTo do that through crypto-policies, one can apply a subpolicy with the following content:\n```\ncipher@SSH = -CHACHA20-POLY1305\nssh_etm = 0\n```\ne.g., by putting these lines into `/etc/crypto-policies/policies/modules/CVE-2023-48795.pmod`, applying the resulting subpolicy with `update-crypto-policies --set $(update-crypto-policies --show):CVE-2023-48795` and restarting openssh server.\n\nOne can verify that the changes are in effect by ensuring the ciphers listed above are missing from both `/etc/crypto-policies/back-ends/openssh.config` and `/etc/crypto-policies/back-ends/opensshserver.config`.\n\nFor more details on using crypto-policies, please refer to https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening\n\nNote that this procedure does limit the interoperability of the host and is only suggested as a temporary mitigation until the issue is fully resolved with an update.\n\nFor RHEL-7: \nWe can recommend to use strict MACs and Ciphers on RHEL7 in both files /etc/ssh/ssh_config and /etc/ssh/sshd_config.\n\nBelow strict set of Ciphers and MACs can be used as mitigation for RHEL 7.\n\n```\nCiphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com\nMACs umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512\n```\n\n- For Openshift Container Platform 4:\nPlease refer the KCS[1] document for verifying the fix in RHCOS.\n\n[1] https://access.redhat.com/solutions/7071748",
"product_ids": [
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)"
},
{
"cve": "CVE-2023-49568",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-01-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2258165"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service (DoS) vulnerability was found in the go library go-git. This issue may allow an attacker to perform denial of service attacks by providing specially crafted responses from a Git server, which can trigger resource exhaustion in go-git clients.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "go-git: Maliciously crafted Git server replies can cause DoS on go-git clients",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This problem only affects the go implementation and not the original git cli code. Applications using only in-memory filesystems are not affected by this issue. Clients should be limited to connect to only trusted git servers to reduce the risk of compromise.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-49568"
},
{
"category": "external",
"summary": "RHBZ#2258165",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258165"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-49568",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49568"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-49568",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49568"
},
{
"category": "external",
"summary": "https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r",
"url": "https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r"
}
],
"release_date": "2023-12-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-28T05:31:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in\nthis advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1557"
},
{
"category": "workaround",
"details": "In cases where a bump to the latest version of go-git is not possible, a recommendation to reduce the exposure of this threat is limiting its use to only trust-worthy Git servers.",
"product_ids": [
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "go-git: Maliciously crafted Git server replies can cause DoS on go-git clients"
},
{
"cve": "CVE-2023-49569",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2024-01-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2258143"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal vulnerability was discovered in the go library go-git. This issue may allow an attacker to create and amend files across the filesystem when applications are using the default ChrootOS, potentially allowing remote code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "go-git: Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This problem only affects the go implementation and not the original git cli code. Applications using BoundOS or in-memory filesystems are not affected by this issue. Clients should be limited to connect to only trusted git servers to reduce the risk of compromise.\n\nIn OpenShift Container Platform (OCP) the vulnerable github.com/go-git/go-git/v5 Go package is used as a dependency in many components where the vulnerable function is not used, hence the impact by this vulnerability is reduced to Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-49569"
},
{
"category": "external",
"summary": "RHBZ#2258143",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258143"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-49569",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49569"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-49569",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49569"
},
{
"category": "external",
"summary": "https://github.com/go-git/go-git/security/advisories/GHSA-449p-3h89-pw88",
"url": "https://github.com/go-git/go-git/security/advisories/GHSA-449p-3h89-pw88"
}
],
"release_date": "2024-01-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-28T05:31:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in\nthis advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1557"
},
{
"category": "workaround",
"details": "In cases where a bump to the latest version of go-git is not possible, a recommendation to reduce the exposure of this threat is limiting its use to only trust-worthy Git servers.",
"product_ids": [
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "go-git: Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients"
}
]
}
RHSA-2024_1674
Vulnerability from csaf_redhat - Published: 2024-04-04 15:23 - Updated: 2024-12-17 22:38Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.16 Security update
Severity
Important
Notes
Topic: An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.16 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.15, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.16 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* undertow: Cookie Smuggling/Spoofing [eap-7.4.z] (CVE-2023-4639)
* apache-sshd: ssh: Prefix truncation attack on Binary Packet Protocol (BPP) [eap-7.4.z] (CVE-2023-48795)
* undertow: unrestricted request storage leads to memory exhaustion [eap-7.4.z] (CVE-2023-1973)
* undertow: Out-of-memory Error after several closed connections with wildfly-http-client protocol [eap-7.4.z] (CVE-2024-1635)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Undertow package. Using the FormAuthenticationMechanism, a malicious user could trigger a Denial of Service by sending crafted requests, leading the server to an OutofMemory error, exhausting the server's memory.
7.5 (High)
Affected products
Fixed
2 products
Known not affected
83 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.x86_64 | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.2-1.redhat_00001.1.el7eap.x86_64 | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch | — |
Threats
Impact
Important
A flaw was found in Undertow, which incorrectly parses cookies with certain value-delimiting characters in incoming requests. This issue could allow an attacker to construct a cookie value to exfiltrate HttpOnly cookie values or spoof arbitrary additional cookie values, leading to unauthorized data access or modification. The main threat from this flaw impacts data confidentiality and integrity.
7.4 (High)
Affected products
Fixed
2 products
Known not affected
83 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.x86_64 | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.2-1.redhat_00001.1.el7eap.x86_64 | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch | — |
Threats
Impact
Moderate
A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.
5.9 (Medium)
Affected products
Fixed
85 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.2-1.redhat_00001.1.el7eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A path traversal vulnerability was found in Undertow. This issue may allow a remote attacker to append a specially-crafted sequence to an HTTP request for an application deployed to JBoss EAP, which may permit access to privileged or restricted files and directories.
5.3 (Medium)
Affected products
Fixed
85 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.2-1.redhat_00001.1.el7eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Whenever a malicious user opens and closes a connection with the HTTP port of the server and then closes the connection immediately, the server will end with both memory and open file limits exhausted at some point, depending on the amount of memory available. At HTTP upgrade to remoting, the WriteTimeoutStreamSinkConduit leaks connections if RemotingConnection is closed by Remoting ServerConnectionOpenListener. Because the remoting connection originates in Undertow as part of the HTTP upgrade, there is an external layer to the remoting connection. This connection is unaware of the outermost layer when closing the connection during the connection opening procedure. Hence, the Undertow WriteTimeoutStreamSinkConduit is not notified of the closed connection in this scenario. Because WriteTimeoutStreamSinkConduit creates a timeout task, the whole dependency tree leaks via that task, which is added to XNIO WorkerThread. So, the workerThread points to the Undertow conduit, which contains the connections and causes the leak.
7.5 (High)
Affected products
Fixed
2 products
Known not affected
83 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.2-1.redhat_00001.1.el7eap.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch | — |
Workaround
|
Threats
Impact
Important
References
47 references
Acknowledgments
Ankur Sundara
AAIB IT Unix Team
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.16 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.15, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.16 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* undertow: Cookie Smuggling/Spoofing [eap-7.4.z] (CVE-2023-4639)\n\n* apache-sshd: ssh: Prefix truncation attack on Binary Packet Protocol (BPP) [eap-7.4.z] (CVE-2023-48795)\n\n* undertow: unrestricted request storage leads to memory exhaustion [eap-7.4.z] (CVE-2023-1973)\n\n* undertow: Out-of-memory Error after several closed connections with wildfly-http-client protocol [eap-7.4.z] (CVE-2024-1635)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:1674",
"url": "https://access.redhat.com/errata/RHSA-2024:1674"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/"
},
{
"category": "external",
"summary": "2166022",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2166022"
},
{
"category": "external",
"summary": "2185662",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185662"
},
{
"category": "external",
"summary": "2254210",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
},
{
"category": "external",
"summary": "2264928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264928"
},
{
"category": "external",
"summary": "JBEAP-19969",
"url": "https://issues.redhat.com/browse/JBEAP-19969"
},
{
"category": "external",
"summary": "JBEAP-26168",
"url": "https://issues.redhat.com/browse/JBEAP-26168"
},
{
"category": "external",
"summary": "JBEAP-26280",
"url": "https://issues.redhat.com/browse/JBEAP-26280"
},
{
"category": "external",
"summary": "JBEAP-26291",
"url": "https://issues.redhat.com/browse/JBEAP-26291"
},
{
"category": "external",
"summary": "JBEAP-26318",
"url": "https://issues.redhat.com/browse/JBEAP-26318"
},
{
"category": "external",
"summary": "JBEAP-26343",
"url": "https://issues.redhat.com/browse/JBEAP-26343"
},
{
"category": "external",
"summary": "JBEAP-26355",
"url": "https://issues.redhat.com/browse/JBEAP-26355"
},
{
"category": "external",
"summary": "JBEAP-26414",
"url": "https://issues.redhat.com/browse/JBEAP-26414"
},
{
"category": "external",
"summary": "JBEAP-26467",
"url": "https://issues.redhat.com/browse/JBEAP-26467"
},
{
"category": "external",
"summary": "JBEAP-26533",
"url": "https://issues.redhat.com/browse/JBEAP-26533"
},
{
"category": "external",
"summary": "JBEAP-26552",
"url": "https://issues.redhat.com/browse/JBEAP-26552"
},
{
"category": "external",
"summary": "JBEAP-26587",
"url": "https://issues.redhat.com/browse/JBEAP-26587"
},
{
"category": "external",
"summary": "JBEAP-26616",
"url": "https://issues.redhat.com/browse/JBEAP-26616"
},
{
"category": "external",
"summary": "JBEAP-26617",
"url": "https://issues.redhat.com/browse/JBEAP-26617"
},
{
"category": "external",
"summary": "JBEAP-26636",
"url": "https://issues.redhat.com/browse/JBEAP-26636"
},
{
"category": "external",
"summary": "JBEAP-26660",
"url": "https://issues.redhat.com/browse/JBEAP-26660"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1674.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.16 Security update",
"tracking": {
"current_release_date": "2024-12-17T22:38:28+00:00",
"generator": {
"date": "2024-12-17T22:38:28+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2024:1674",
"initial_release_date": "2024-04-04T15:23:51+00:00",
"revision_history": [
{
"date": "2024-04-04T15:23:51+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-04-04T15:23:51+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T22:38:28+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product": {
"name": "Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-elytron-web@1.9.4-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.src",
"product_id": "eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jberet@1.3.9-3.SP3_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.src",
"product_id": "eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-eclipse-jgit@5.13.3.202401111512-1.r_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.src",
"product": {
"name": "eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.src",
"product_id": "eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-18.redhat_00052.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.22-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.21-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jgroups-kubernetes@1.0.17-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.src",
"product_id": "eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf@3.4.10-2.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-cert-helper@1.1.2-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.src",
"product_id": "eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-35.Final_redhat_00034.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan@11.0.18-2.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.36-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.src",
"product_id": "eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.30-1.SP1_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.27-4.SP2_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.8.12-1.SP2_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-insights-java-client@1.1.2-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.src",
"product": {
"name": "eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.src",
"product_id": "eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-lucene-solr@5.5.5-6.redhat_2.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-annotations-api_1.3_spec@2.0.1-3.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.src",
"product": {
"name": "eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.src",
"product_id": "eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.16-4.GA_redhat_00002.1.el7eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-server@1.9.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jberet@1.3.9-3.SP3_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jberet-core@1.3.9-3.SP3_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-eclipse-jgit@5.13.3.202401111512-1.r_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-18.redhat_00052.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-cli@2.16.0-18.redhat_00052.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-commons@2.16.0-18.redhat_00052.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-core-client@2.16.0-18.redhat_00052.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-dto@2.16.0-18.redhat_00052.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@2.16.0-18.redhat_00052.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@2.16.0-18.redhat_00052.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@2.16.0-18.redhat_00052.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@2.16.0-18.redhat_00052.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@2.16.0-18.redhat_00052.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-journal@2.16.0-18.redhat_00052.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-ra@2.16.0-18.redhat_00052.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-selector@2.16.0-18.redhat_00052.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-server@2.16.0-18.redhat_00052.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@2.16.0-18.redhat_00052.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-tools@2.16.0-18.redhat_00052.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.22-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.15.22-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.21-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jgroups-kubernetes@1.0.17-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf@3.4.10-2.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-rt@3.4.10-2.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-services@3.4.10-2.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-tools@3.4.10-2.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-35.Final_redhat_00034.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-35.Final_redhat_00034.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-35.Final_redhat_00034.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan@11.0.18-2.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-jdbc@11.0.18-2.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-remote@11.0.18-2.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-client-hotrod@11.0.18-2.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-commons@11.0.18-2.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-component-annotations@11.0.18-2.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-core@11.0.18-2.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-commons@11.0.18-2.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-spi@11.0.18-2.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-v53@11.0.18-2.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.36-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-core@5.3.36-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-entitymanager@5.3.36-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-envers@5.3.36-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-java8@5.3.36-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.30-1.SP1_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.27-4.SP2_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.8.12-1.SP2_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-insights-java-client@1.1.2-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"product": {
"name": "eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"product_id": "eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-lucene-analyzers-common@5.5.5-6.redhat_2.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"product": {
"name": "eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"product_id": "eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-lucene-backward-codecs@5.5.5-6.redhat_2.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-lucene-core-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"product": {
"name": "eap7-lucene-core-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"product_id": "eap7-lucene-core-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-lucene-core@5.5.5-6.redhat_2.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"product": {
"name": "eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"product_id": "eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-lucene-facet@5.5.5-6.redhat_2.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"product": {
"name": "eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"product_id": "eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-lucene-misc@5.5.5-6.redhat_2.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"product": {
"name": "eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"product_id": "eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-lucene-queries@5.5.5-6.redhat_2.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"product": {
"name": "eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"product_id": "eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-lucene-queryparser@5.5.5-6.redhat_2.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"product": {
"name": "eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"product_id": "eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-lucene-solr@5.5.5-6.redhat_2.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-annotations-api_1.3_spec@2.0.1-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.16-4.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.4.16-4.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.4.16-4.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.16-4.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.4.16-4.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.x86_64",
"product": {
"name": "eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.x86_64",
"product_id": "eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-cert-helper@1.1.2-1.redhat_00001.1.el7eap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-cert-helper-debuginfo-0:1.1.2-1.redhat_00001.1.el7eap.x86_64",
"product": {
"name": "eap7-jboss-cert-helper-debuginfo-0:1.1.2-1.redhat_00001.1.el7eap.x86_64",
"product_id": "eap7-jboss-cert-helper-debuginfo-0:1.1.2-1.redhat_00001.1.el7eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-cert-helper-debuginfo@1.1.2-1.redhat_00001.1.el7eap?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.src"
},
"product_reference": "eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.x86_64"
},
"product_reference": "eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.x86_64",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-cert-helper-debuginfo-0:1.1.2-1.redhat_00001.1.el7eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.2-1.redhat_00001.1.el7eap.x86_64"
},
"product_reference": "eap7-jboss-cert-helper-debuginfo-0:1.1.2-1.redhat_00001.1.el7eap.x86_64",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el7eap.noarch"
},
"product_reference": "eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el7eap.noarch"
},
"product_reference": "eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-lucene-core-0:5.5.5-6.redhat_2.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el7eap.noarch"
},
"product_reference": "eap7-lucene-core-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el7eap.noarch"
},
"product_reference": "eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el7eap.noarch"
},
"product_reference": "eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el7eap.noarch"
},
"product_reference": "eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el7eap.noarch"
},
"product_reference": "eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.noarch"
},
"product_reference": "eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.src"
},
"product_reference": "eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.src"
},
"product_reference": "eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-1973",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-02-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.2-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2185662"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow package. Using the FormAuthenticationMechanism, a malicious user could trigger a Denial of Service by sending crafted requests, leading the server to an OutofMemory error, exhausting the server\u0027s memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: unrestricted request storage leads to memory exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.2-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1973"
},
{
"category": "external",
"summary": "RHBZ#2185662",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185662"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1973",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1973"
}
],
"release_date": "2024-04-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-04-04T15:23:51+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1674"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.2-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undertow: unrestricted request storage leads to memory exhaustion"
},
{
"acknowledgments": [
{
"names": [
"Ankur Sundara"
]
}
],
"cve": "CVE-2023-4639",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2023-01-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.2-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2166022"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow, which incorrectly parses cookies with certain value-delimiting characters in incoming requests. This issue could allow an attacker to construct a cookie value to exfiltrate HttpOnly cookie values or spoof arbitrary additional cookie values, leading to unauthorized data access or modification. The main threat from this flaw impacts data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: Cookie Smuggling/Spoofing",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.2-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-4639"
},
{
"category": "external",
"summary": "RHBZ#2166022",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2166022"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-4639",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4639"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4639",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4639"
}
],
"release_date": "2024-02-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-04-04T15:23:51+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1674"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.2-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: Cookie Smuggling/Spoofing"
},
{
"cve": "CVE-2023-48795",
"cwe": {
"id": "CWE-222",
"name": "Truncation of Security-relevant Information"
},
"discovery_date": "2023-12-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2254210"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is classified as moderate because the attack requires an active Man-in-the-Middle (MITM) who can intercept and modify the connection\u0027s traffic at the TCP/IP layer.\n\nAlthough the attack is cryptographically innovative, its security impact is fortunately quite limited. It only allows the deletion of consecutive messages, and deleting most messages at this protocol stage prevents user authentication from proceeding, leading to a stalled connection.\n\nThe most significant identified impact is that it enables a MITM to delete the SSH2_MSG_EXT_INFO message sent before authentication begins. This allows the attacker to disable a subset of keystroke timing obfuscation features. However, there is no other observable impact on session secrecy or session integrity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.2-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-48795"
},
{
"category": "external",
"summary": "RHBZ#2254210",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/7071748",
"url": "https://access.redhat.com/solutions/7071748"
},
{
"category": "external",
"summary": "https://terrapin-attack.com/",
"url": "https://terrapin-attack.com/"
}
],
"release_date": "2023-12-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-04-04T15:23:51+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.2-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1674"
},
{
"category": "workaround",
"details": "Update to the last version and check that client and server provide kex pseudo-algorithms indicating usage of the updated version of the protocol which is protected from the attack. If \"kex-strict-c-v00@openssh.com\" is provided by clients and \"kex-strict-s-v00@openssh.com\" is in the server\u0027s reply, no other steps are necessary.\n\nDisabling ciphers if necessary:\n\nIf \"kex-strict-c-v00@openssh.com\" is not provided by clients or \"kex-strict-s-v00@openssh.com\" is absent in the server\u0027s reply, you can disable the following ciphers and HMACs as a workaround on RHEL-8 and RHEL-9:\n\n1. chacha20-poly1305@openssh.com\n2. hmac-sha2-512-etm@openssh.com\n3. hmac-sha2-256-etm@openssh.com\n4. hmac-sha1-etm@openssh.com\n5. hmac-md5-etm@openssh.com\n\nTo do that through crypto-policies, one can apply a subpolicy with the following content:\n```\ncipher@SSH = -CHACHA20-POLY1305\nssh_etm = 0\n```\ne.g., by putting these lines into `/etc/crypto-policies/policies/modules/CVE-2023-48795.pmod`, applying the resulting subpolicy with `update-crypto-policies --set $(update-crypto-policies --show):CVE-2023-48795` and restarting openssh server.\n\nOne can verify that the changes are in effect by ensuring the ciphers listed above are missing from both `/etc/crypto-policies/back-ends/openssh.config` and `/etc/crypto-policies/back-ends/opensshserver.config`.\n\nFor more details on using crypto-policies, please refer to https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening\n\nNote that this procedure does limit the interoperability of the host and is only suggested as a temporary mitigation until the issue is fully resolved with an update.\n\nFor RHEL-7: \nWe can recommend to use strict MACs and Ciphers on RHEL7 in both files /etc/ssh/ssh_config and /etc/ssh/sshd_config.\n\nBelow strict set of Ciphers and MACs can be used as mitigation for RHEL 7.\n\n```\nCiphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com\nMACs umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512\n```\n\n- For Openshift Container Platform 4:\nPlease refer the KCS[1] document for verifying the fix in RHCOS.\n\n[1] https://access.redhat.com/solutions/7071748",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.2-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.2-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)"
},
{
"acknowledgments": [
{
"names": [
"AAIB IT Unix Team"
]
}
],
"cve": "CVE-2024-1459",
"cwe": {
"id": "CWE-24",
"name": "Path Traversal: \u0027../filedir\u0027"
},
"discovery_date": "2024-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2259475"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal vulnerability was found in Undertow. This issue may allow a remote attacker to append a specially-crafted sequence to an HTTP request for an application deployed to JBoss EAP, which may permit access to privileged or restricted files and directories.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: directory traversal vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.2-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-1459"
},
{
"category": "external",
"summary": "RHBZ#2259475",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259475"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-1459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1459"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-1459",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-1459"
}
],
"release_date": "2024-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-04-04T15:23:51+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.2-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1674"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.2-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.2-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: directory traversal vulnerability"
},
{
"cve": "CVE-2024-1635",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-02-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.2-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2264928"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Whenever a malicious user opens and closes a connection with the HTTP port of the server and then closes the connection immediately, the server will end with both memory and open file limits exhausted at some point, depending on the amount of memory available. \r\n\r\nAt HTTP upgrade to remoting, the WriteTimeoutStreamSinkConduit leaks connections if RemotingConnection is closed by Remoting ServerConnectionOpenListener. Because the remoting connection originates in Undertow as part of the HTTP upgrade, there is an external layer to the remoting connection. This connection is unaware of the outermost layer when closing the connection during the connection opening procedure. Hence, the Undertow WriteTimeoutStreamSinkConduit is not notified of the closed connection in this scenario. Because WriteTimeoutStreamSinkConduit creates a timeout task, the whole dependency tree leaks via that task, which is added to XNIO WorkerThread. So, the workerThread points to the Undertow conduit, which contains the connections and causes the leak.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: Out-of-memory Error after several closed connections with wildfly-http-client protocol",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is rated as Important due to the fact that this might be an unauthenticated remote issue exploited by a malicious user, causing a denial of service (DoS) to the affected server.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.2-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-1635"
},
{
"category": "external",
"summary": "RHBZ#2264928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264928"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-1635",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1635"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-1635",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-1635"
}
],
"release_date": "2023-10-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-04-04T15:23:51+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1674"
},
{
"category": "workaround",
"details": "No mitigation is currently available for this vulnerability. However, there might be some protections, such as request limits by a load balancer in front of JBoss EAP/Wildfly or even Undertow, that could minimize the impact.",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.2-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.2-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undertow: Out-of-memory Error after several closed connections with wildfly-http-client protocol"
}
]
}
RHSA-2024_1675
Vulnerability from csaf_redhat - Published: 2024-04-04 15:23 - Updated: 2024-12-17 22:38Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.16 Security update
Severity
Important
Notes
Topic: An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.16 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.15, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.16 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* undertow: Cookie Smuggling/Spoofing [eap-7.4.z] (CVE-2023-4639)
* apache-sshd: ssh: Prefix truncation attack on Binary Packet Protocol (BPP) [eap-7.4.z] (CVE-2023-48795)
* undertow: unrestricted request storage leads to memory exhaustion [eap-7.4.z] (CVE-2023-1973)
* undertow: Out-of-memory Error after several closed connections with wildfly-http-client protocol [eap-7.4.z] (CVE-2024-1635)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Undertow package. Using the FormAuthenticationMechanism, a malicious user could trigger a Denial of Service by sending crafted requests, leading the server to an OutofMemory error, exhausting the server's memory.
7.5 (High)
Affected products
Fixed
2 products
Known not affected
84 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.x86_64 | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-grouping-0:5.5.5-6.redhat_2.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch | — |
Threats
Impact
Important
A flaw was found in Undertow, which incorrectly parses cookies with certain value-delimiting characters in incoming requests. This issue could allow an attacker to construct a cookie value to exfiltrate HttpOnly cookie values or spoof arbitrary additional cookie values, leading to unauthorized data access or modification. The main threat from this flaw impacts data confidentiality and integrity.
7.4 (High)
Affected products
Fixed
2 products
Known not affected
84 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.x86_64 | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-grouping-0:5.5.5-6.redhat_2.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch | — |
Threats
Impact
Moderate
A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.
5.9 (Medium)
Affected products
Fixed
86 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-grouping-0:5.5.5-6.redhat_2.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A path traversal vulnerability was found in Undertow. This issue may allow a remote attacker to append a specially-crafted sequence to an HTTP request for an application deployed to JBoss EAP, which may permit access to privileged or restricted files and directories.
5.3 (Medium)
Affected products
Fixed
86 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-grouping-0:5.5.5-6.redhat_2.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Whenever a malicious user opens and closes a connection with the HTTP port of the server and then closes the connection immediately, the server will end with both memory and open file limits exhausted at some point, depending on the amount of memory available. At HTTP upgrade to remoting, the WriteTimeoutStreamSinkConduit leaks connections if RemotingConnection is closed by Remoting ServerConnectionOpenListener. Because the remoting connection originates in Undertow as part of the HTTP upgrade, there is an external layer to the remoting connection. This connection is unaware of the outermost layer when closing the connection during the connection opening procedure. Hence, the Undertow WriteTimeoutStreamSinkConduit is not notified of the closed connection in this scenario. Because WriteTimeoutStreamSinkConduit creates a timeout task, the whole dependency tree leaks via that task, which is added to XNIO WorkerThread. So, the workerThread points to the Undertow conduit, which contains the connections and causes the leak.
7.5 (High)
Affected products
Fixed
2 products
Known not affected
84 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-grouping-0:5.5.5-6.redhat_2.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch | — |
Workaround
|
Threats
Impact
Important
References
47 references
Acknowledgments
Ankur Sundara
AAIB IT Unix Team
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.16 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.15, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.16 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* undertow: Cookie Smuggling/Spoofing [eap-7.4.z] (CVE-2023-4639)\n\n* apache-sshd: ssh: Prefix truncation attack on Binary Packet Protocol (BPP) [eap-7.4.z] (CVE-2023-48795)\n\n* undertow: unrestricted request storage leads to memory exhaustion [eap-7.4.z] (CVE-2023-1973)\n\n* undertow: Out-of-memory Error after several closed connections with wildfly-http-client protocol [eap-7.4.z] (CVE-2024-1635)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:1675",
"url": "https://access.redhat.com/errata/RHSA-2024:1675"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/"
},
{
"category": "external",
"summary": "2166022",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2166022"
},
{
"category": "external",
"summary": "2185662",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185662"
},
{
"category": "external",
"summary": "2254210",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
},
{
"category": "external",
"summary": "2264928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264928"
},
{
"category": "external",
"summary": "JBEAP-19969",
"url": "https://issues.redhat.com/browse/JBEAP-19969"
},
{
"category": "external",
"summary": "JBEAP-26168",
"url": "https://issues.redhat.com/browse/JBEAP-26168"
},
{
"category": "external",
"summary": "JBEAP-26280",
"url": "https://issues.redhat.com/browse/JBEAP-26280"
},
{
"category": "external",
"summary": "JBEAP-26291",
"url": "https://issues.redhat.com/browse/JBEAP-26291"
},
{
"category": "external",
"summary": "JBEAP-26318",
"url": "https://issues.redhat.com/browse/JBEAP-26318"
},
{
"category": "external",
"summary": "JBEAP-26343",
"url": "https://issues.redhat.com/browse/JBEAP-26343"
},
{
"category": "external",
"summary": "JBEAP-26355",
"url": "https://issues.redhat.com/browse/JBEAP-26355"
},
{
"category": "external",
"summary": "JBEAP-26414",
"url": "https://issues.redhat.com/browse/JBEAP-26414"
},
{
"category": "external",
"summary": "JBEAP-26467",
"url": "https://issues.redhat.com/browse/JBEAP-26467"
},
{
"category": "external",
"summary": "JBEAP-26533",
"url": "https://issues.redhat.com/browse/JBEAP-26533"
},
{
"category": "external",
"summary": "JBEAP-26552",
"url": "https://issues.redhat.com/browse/JBEAP-26552"
},
{
"category": "external",
"summary": "JBEAP-26587",
"url": "https://issues.redhat.com/browse/JBEAP-26587"
},
{
"category": "external",
"summary": "JBEAP-26616",
"url": "https://issues.redhat.com/browse/JBEAP-26616"
},
{
"category": "external",
"summary": "JBEAP-26617",
"url": "https://issues.redhat.com/browse/JBEAP-26617"
},
{
"category": "external",
"summary": "JBEAP-26636",
"url": "https://issues.redhat.com/browse/JBEAP-26636"
},
{
"category": "external",
"summary": "JBEAP-26660",
"url": "https://issues.redhat.com/browse/JBEAP-26660"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1675.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.16 Security update",
"tracking": {
"current_release_date": "2024-12-17T22:38:16+00:00",
"generator": {
"date": "2024-12-17T22:38:16+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2024:1675",
"initial_release_date": "2024-04-04T15:23:50+00:00",
"revision_history": [
{
"date": "2024-04-04T15:23:50+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-04-04T15:23:50+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T22:38:16+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.4 for RHEL 8",
"product": {
"name": "Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-insights-java-client@1.1.2-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.src",
"product_id": "eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jberet@1.3.9-3.SP3_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.src",
"product": {
"name": "eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.src",
"product_id": "eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-18.redhat_00052.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-elytron-web@1.9.4-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.src",
"product_id": "eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-eclipse-jgit@5.13.3.202401111512-1.r_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.22-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.21-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jgroups-kubernetes@1.0.17-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.src",
"product_id": "eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-35.Final_redhat_00034.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan@11.0.18-2.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-cert-helper@1.1.2-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.src",
"product_id": "eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf@3.4.10-2.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.36-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.src",
"product_id": "eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.30-1.SP1_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.27-4.SP2_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.8.12-1.SP2_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.src",
"product": {
"name": "eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.src",
"product_id": "eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-lucene-solr@5.5.5-6.redhat_2.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-annotations-api_1.3_spec@2.0.1-3.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.src",
"product": {
"name": "eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.src",
"product_id": "eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.16-4.GA_redhat_00002.1.el8eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-insights-java-client@1.1.2-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jberet@1.3.9-3.SP3_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jberet-core@1.3.9-3.SP3_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-18.redhat_00052.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-cli@2.16.0-18.redhat_00052.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-commons@2.16.0-18.redhat_00052.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-core-client@2.16.0-18.redhat_00052.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-dto@2.16.0-18.redhat_00052.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@2.16.0-18.redhat_00052.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@2.16.0-18.redhat_00052.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@2.16.0-18.redhat_00052.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@2.16.0-18.redhat_00052.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@2.16.0-18.redhat_00052.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-journal@2.16.0-18.redhat_00052.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-ra@2.16.0-18.redhat_00052.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-selector@2.16.0-18.redhat_00052.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-server@2.16.0-18.redhat_00052.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@2.16.0-18.redhat_00052.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-tools@2.16.0-18.redhat_00052.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-server@1.9.4-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-eclipse-jgit@5.13.3.202401111512-1.r_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.22-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.15.22-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.21-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jgroups-kubernetes@1.0.17-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-35.Final_redhat_00034.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-35.Final_redhat_00034.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-35.Final_redhat_00034.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan@11.0.18-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-jdbc@11.0.18-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-remote@11.0.18-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-client-hotrod@11.0.18-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-commons@11.0.18-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-component-annotations@11.0.18-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-core@11.0.18-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-commons@11.0.18-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-spi@11.0.18-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-v53@11.0.18-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf@3.4.10-2.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-rt@3.4.10-2.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-services@3.4.10-2.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-tools@3.4.10-2.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.36-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-core@5.3.36-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-entitymanager@5.3.36-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-envers@5.3.36-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-java8@5.3.36-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.30-1.SP1_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.27-4.SP2_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.8.12-1.SP2_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"product": {
"name": "eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"product_id": "eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-lucene-analyzers-common@5.5.5-6.redhat_2.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"product": {
"name": "eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"product_id": "eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-lucene-backward-codecs@5.5.5-6.redhat_2.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-lucene-core-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"product": {
"name": "eap7-lucene-core-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"product_id": "eap7-lucene-core-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-lucene-core@5.5.5-6.redhat_2.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"product": {
"name": "eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"product_id": "eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-lucene-facet@5.5.5-6.redhat_2.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-lucene-grouping-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"product": {
"name": "eap7-lucene-grouping-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"product_id": "eap7-lucene-grouping-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-lucene-grouping@5.5.5-6.redhat_2.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"product": {
"name": "eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"product_id": "eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-lucene-misc@5.5.5-6.redhat_2.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"product": {
"name": "eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"product_id": "eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-lucene-queries@5.5.5-6.redhat_2.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"product": {
"name": "eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"product_id": "eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-lucene-queryparser@5.5.5-6.redhat_2.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"product": {
"name": "eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"product_id": "eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-lucene-solr@5.5.5-6.redhat_2.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-annotations-api_1.3_spec@2.0.1-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.16-4.GA_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.4.16-4.GA_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk17@7.4.16-4.GA_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.4.16-4.GA_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.16-4.GA_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.4.16-4.GA_redhat_00002.1.el8eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.x86_64",
"product": {
"name": "eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.x86_64",
"product_id": "eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-cert-helper@1.1.2-1.redhat_00001.1.el8eap?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.src"
},
"product_reference": "eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.x86_64"
},
"product_reference": "eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.x86_64",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el8eap.noarch"
},
"product_reference": "eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el8eap.noarch"
},
"product_reference": "eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-lucene-core-0:5.5.5-6.redhat_2.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el8eap.noarch"
},
"product_reference": "eap7-lucene-core-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el8eap.noarch"
},
"product_reference": "eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-lucene-grouping-0:5.5.5-6.redhat_2.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-lucene-grouping-0:5.5.5-6.redhat_2.1.el8eap.noarch"
},
"product_reference": "eap7-lucene-grouping-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el8eap.noarch"
},
"product_reference": "eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el8eap.noarch"
},
"product_reference": "eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el8eap.noarch"
},
"product_reference": "eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.noarch"
},
"product_reference": "eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.src"
},
"product_reference": "eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.src"
},
"product_reference": "eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-1973",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-02-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-grouping-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2185662"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow package. Using the FormAuthenticationMechanism, a malicious user could trigger a Denial of Service by sending crafted requests, leading the server to an OutofMemory error, exhausting the server\u0027s memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: unrestricted request storage leads to memory exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-grouping-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1973"
},
{
"category": "external",
"summary": "RHBZ#2185662",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185662"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1973",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1973"
}
],
"release_date": "2024-04-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-04-04T15:23:50+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1675"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-grouping-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undertow: unrestricted request storage leads to memory exhaustion"
},
{
"acknowledgments": [
{
"names": [
"Ankur Sundara"
]
}
],
"cve": "CVE-2023-4639",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2023-01-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-grouping-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2166022"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow, which incorrectly parses cookies with certain value-delimiting characters in incoming requests. This issue could allow an attacker to construct a cookie value to exfiltrate HttpOnly cookie values or spoof arbitrary additional cookie values, leading to unauthorized data access or modification. The main threat from this flaw impacts data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: Cookie Smuggling/Spoofing",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-grouping-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-4639"
},
{
"category": "external",
"summary": "RHBZ#2166022",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2166022"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-4639",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4639"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4639",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4639"
}
],
"release_date": "2024-02-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-04-04T15:23:50+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1675"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-grouping-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: Cookie Smuggling/Spoofing"
},
{
"cve": "CVE-2023-48795",
"cwe": {
"id": "CWE-222",
"name": "Truncation of Security-relevant Information"
},
"discovery_date": "2023-12-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2254210"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is classified as moderate because the attack requires an active Man-in-the-Middle (MITM) who can intercept and modify the connection\u0027s traffic at the TCP/IP layer.\n\nAlthough the attack is cryptographically innovative, its security impact is fortunately quite limited. It only allows the deletion of consecutive messages, and deleting most messages at this protocol stage prevents user authentication from proceeding, leading to a stalled connection.\n\nThe most significant identified impact is that it enables a MITM to delete the SSH2_MSG_EXT_INFO message sent before authentication begins. This allows the attacker to disable a subset of keystroke timing obfuscation features. However, there is no other observable impact on session secrecy or session integrity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-grouping-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-48795"
},
{
"category": "external",
"summary": "RHBZ#2254210",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/7071748",
"url": "https://access.redhat.com/solutions/7071748"
},
{
"category": "external",
"summary": "https://terrapin-attack.com/",
"url": "https://terrapin-attack.com/"
}
],
"release_date": "2023-12-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-04-04T15:23:50+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-grouping-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1675"
},
{
"category": "workaround",
"details": "Update to the last version and check that client and server provide kex pseudo-algorithms indicating usage of the updated version of the protocol which is protected from the attack. If \"kex-strict-c-v00@openssh.com\" is provided by clients and \"kex-strict-s-v00@openssh.com\" is in the server\u0027s reply, no other steps are necessary.\n\nDisabling ciphers if necessary:\n\nIf \"kex-strict-c-v00@openssh.com\" is not provided by clients or \"kex-strict-s-v00@openssh.com\" is absent in the server\u0027s reply, you can disable the following ciphers and HMACs as a workaround on RHEL-8 and RHEL-9:\n\n1. chacha20-poly1305@openssh.com\n2. hmac-sha2-512-etm@openssh.com\n3. hmac-sha2-256-etm@openssh.com\n4. hmac-sha1-etm@openssh.com\n5. hmac-md5-etm@openssh.com\n\nTo do that through crypto-policies, one can apply a subpolicy with the following content:\n```\ncipher@SSH = -CHACHA20-POLY1305\nssh_etm = 0\n```\ne.g., by putting these lines into `/etc/crypto-policies/policies/modules/CVE-2023-48795.pmod`, applying the resulting subpolicy with `update-crypto-policies --set $(update-crypto-policies --show):CVE-2023-48795` and restarting openssh server.\n\nOne can verify that the changes are in effect by ensuring the ciphers listed above are missing from both `/etc/crypto-policies/back-ends/openssh.config` and `/etc/crypto-policies/back-ends/opensshserver.config`.\n\nFor more details on using crypto-policies, please refer to https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening\n\nNote that this procedure does limit the interoperability of the host and is only suggested as a temporary mitigation until the issue is fully resolved with an update.\n\nFor RHEL-7: \nWe can recommend to use strict MACs and Ciphers on RHEL7 in both files /etc/ssh/ssh_config and /etc/ssh/sshd_config.\n\nBelow strict set of Ciphers and MACs can be used as mitigation for RHEL 7.\n\n```\nCiphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com\nMACs umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512\n```\n\n- For Openshift Container Platform 4:\nPlease refer the KCS[1] document for verifying the fix in RHCOS.\n\n[1] https://access.redhat.com/solutions/7071748",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-grouping-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-grouping-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)"
},
{
"acknowledgments": [
{
"names": [
"AAIB IT Unix Team"
]
}
],
"cve": "CVE-2024-1459",
"cwe": {
"id": "CWE-24",
"name": "Path Traversal: \u0027../filedir\u0027"
},
"discovery_date": "2024-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2259475"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal vulnerability was found in Undertow. This issue may allow a remote attacker to append a specially-crafted sequence to an HTTP request for an application deployed to JBoss EAP, which may permit access to privileged or restricted files and directories.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: directory traversal vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-grouping-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-1459"
},
{
"category": "external",
"summary": "RHBZ#2259475",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259475"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-1459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1459"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-1459",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-1459"
}
],
"release_date": "2024-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-04-04T15:23:50+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-grouping-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1675"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-grouping-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-grouping-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: directory traversal vulnerability"
},
{
"cve": "CVE-2024-1635",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-02-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-grouping-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2264928"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Whenever a malicious user opens and closes a connection with the HTTP port of the server and then closes the connection immediately, the server will end with both memory and open file limits exhausted at some point, depending on the amount of memory available. \r\n\r\nAt HTTP upgrade to remoting, the WriteTimeoutStreamSinkConduit leaks connections if RemotingConnection is closed by Remoting ServerConnectionOpenListener. Because the remoting connection originates in Undertow as part of the HTTP upgrade, there is an external layer to the remoting connection. This connection is unaware of the outermost layer when closing the connection during the connection opening procedure. Hence, the Undertow WriteTimeoutStreamSinkConduit is not notified of the closed connection in this scenario. Because WriteTimeoutStreamSinkConduit creates a timeout task, the whole dependency tree leaks via that task, which is added to XNIO WorkerThread. So, the workerThread points to the Undertow conduit, which contains the connections and causes the leak.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: Out-of-memory Error after several closed connections with wildfly-http-client protocol",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is rated as Important due to the fact that this might be an unauthenticated remote issue exploited by a malicious user, causing a denial of service (DoS) to the affected server.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-grouping-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-1635"
},
{
"category": "external",
"summary": "RHBZ#2264928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264928"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-1635",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1635"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-1635",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-1635"
}
],
"release_date": "2023-10-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-04-04T15:23:50+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1675"
},
{
"category": "workaround",
"details": "No mitigation is currently available for this vulnerability. However, there might be some protections, such as request limits by a load balancer in front of JBoss EAP/Wildfly or even Undertow, that could minimize the impact.",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-grouping-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-grouping-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undertow: Out-of-memory Error after several closed connections with wildfly-http-client protocol"
}
]
}
RHSA-2024_1676
Vulnerability from csaf_redhat - Published: 2024-04-04 15:23 - Updated: 2024-12-17 22:38Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.16 Security update
Severity
Important
Notes
Topic: An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.16 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.15, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.16 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* undertow: Cookie Smuggling/Spoofing [eap-7.4.z] (CVE-2023-4639)
* apache-sshd: ssh: Prefix truncation attack on Binary Packet Protocol (BPP) [eap-7.4.z] (CVE-2023-48795)
* undertow: unrestricted request storage leads to memory exhaustion [eap-7.4.z] (CVE-2023-1973)
* undertow: Out-of-memory Error after several closed connections with wildfly-http-client protocol [eap-7.4.z] (CVE-2024-1635)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Undertow package. Using the FormAuthenticationMechanism, a malicious user could trigger a Denial of Service by sending crafted requests, leading the server to an OutofMemory error, exhausting the server's memory.
7.5 (High)
Affected products
Fixed
2 products
Known not affected
81 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.x86_64 | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch | — |
Threats
Impact
Important
A flaw was found in Undertow, which incorrectly parses cookies with certain value-delimiting characters in incoming requests. This issue could allow an attacker to construct a cookie value to exfiltrate HttpOnly cookie values or spoof arbitrary additional cookie values, leading to unauthorized data access or modification. The main threat from this flaw impacts data confidentiality and integrity.
7.4 (High)
Affected products
Fixed
2 products
Known not affected
81 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.x86_64 | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch | — |
Threats
Impact
Moderate
A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.
5.9 (Medium)
Affected products
Fixed
83 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A path traversal vulnerability was found in Undertow. This issue may allow a remote attacker to append a specially-crafted sequence to an HTTP request for an application deployed to JBoss EAP, which may permit access to privileged or restricted files and directories.
5.3 (Medium)
Affected products
Fixed
83 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Whenever a malicious user opens and closes a connection with the HTTP port of the server and then closes the connection immediately, the server will end with both memory and open file limits exhausted at some point, depending on the amount of memory available. At HTTP upgrade to remoting, the WriteTimeoutStreamSinkConduit leaks connections if RemotingConnection is closed by Remoting ServerConnectionOpenListener. Because the remoting connection originates in Undertow as part of the HTTP upgrade, there is an external layer to the remoting connection. This connection is unaware of the outermost layer when closing the connection during the connection opening procedure. Hence, the Undertow WriteTimeoutStreamSinkConduit is not notified of the closed connection in this scenario. Because WriteTimeoutStreamSinkConduit creates a timeout task, the whole dependency tree leaks via that task, which is added to XNIO WorkerThread. So, the workerThread points to the Undertow conduit, which contains the connections and causes the leak.
7.5 (High)
Affected products
Fixed
2 products
Known not affected
81 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch | — |
Workaround
|
Threats
Impact
Important
References
47 references
Acknowledgments
Ankur Sundara
AAIB IT Unix Team
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.16 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.15, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.16 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* undertow: Cookie Smuggling/Spoofing [eap-7.4.z] (CVE-2023-4639)\n\n* apache-sshd: ssh: Prefix truncation attack on Binary Packet Protocol (BPP) [eap-7.4.z] (CVE-2023-48795)\n\n* undertow: unrestricted request storage leads to memory exhaustion [eap-7.4.z] (CVE-2023-1973)\n\n* undertow: Out-of-memory Error after several closed connections with wildfly-http-client protocol [eap-7.4.z] (CVE-2024-1635)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:1676",
"url": "https://access.redhat.com/errata/RHSA-2024:1676"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/"
},
{
"category": "external",
"summary": "2166022",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2166022"
},
{
"category": "external",
"summary": "2185662",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185662"
},
{
"category": "external",
"summary": "2254210",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
},
{
"category": "external",
"summary": "2264928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264928"
},
{
"category": "external",
"summary": "JBEAP-19969",
"url": "https://issues.redhat.com/browse/JBEAP-19969"
},
{
"category": "external",
"summary": "JBEAP-26168",
"url": "https://issues.redhat.com/browse/JBEAP-26168"
},
{
"category": "external",
"summary": "JBEAP-26280",
"url": "https://issues.redhat.com/browse/JBEAP-26280"
},
{
"category": "external",
"summary": "JBEAP-26291",
"url": "https://issues.redhat.com/browse/JBEAP-26291"
},
{
"category": "external",
"summary": "JBEAP-26318",
"url": "https://issues.redhat.com/browse/JBEAP-26318"
},
{
"category": "external",
"summary": "JBEAP-26343",
"url": "https://issues.redhat.com/browse/JBEAP-26343"
},
{
"category": "external",
"summary": "JBEAP-26355",
"url": "https://issues.redhat.com/browse/JBEAP-26355"
},
{
"category": "external",
"summary": "JBEAP-26414",
"url": "https://issues.redhat.com/browse/JBEAP-26414"
},
{
"category": "external",
"summary": "JBEAP-26467",
"url": "https://issues.redhat.com/browse/JBEAP-26467"
},
{
"category": "external",
"summary": "JBEAP-26533",
"url": "https://issues.redhat.com/browse/JBEAP-26533"
},
{
"category": "external",
"summary": "JBEAP-26552",
"url": "https://issues.redhat.com/browse/JBEAP-26552"
},
{
"category": "external",
"summary": "JBEAP-26587",
"url": "https://issues.redhat.com/browse/JBEAP-26587"
},
{
"category": "external",
"summary": "JBEAP-26616",
"url": "https://issues.redhat.com/browse/JBEAP-26616"
},
{
"category": "external",
"summary": "JBEAP-26617",
"url": "https://issues.redhat.com/browse/JBEAP-26617"
},
{
"category": "external",
"summary": "JBEAP-26636",
"url": "https://issues.redhat.com/browse/JBEAP-26636"
},
{
"category": "external",
"summary": "JBEAP-26660",
"url": "https://issues.redhat.com/browse/JBEAP-26660"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1676.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.16 Security update",
"tracking": {
"current_release_date": "2024-12-17T22:38:42+00:00",
"generator": {
"date": "2024-12-17T22:38:42+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2024:1676",
"initial_release_date": "2024-04-04T15:23:45+00:00",
"revision_history": [
{
"date": "2024-04-04T15:23:45+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-04-04T15:23:45+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T22:38:42+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.4 for RHEL 9",
"product": {
"name": "Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.src",
"product_id": "eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-insights-java-client@1.1.2-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.src",
"product_id": "eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jberet@1.3.9-3.SP3_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.22-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.src",
"product_id": "eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-eclipse-jgit@5.13.3.202401111512-1.r_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.src",
"product": {
"name": "eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.src",
"product_id": "eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-18.redhat_00052.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-elytron-web@1.9.4-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jgroups-kubernetes@1.0.17-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.21-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.src",
"product_id": "eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-35.Final_redhat_00034.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.src",
"product_id": "eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf@3.4.10-2.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan@11.0.18-2.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.src",
"product_id": "eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-cert-helper@1.1.2-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.36-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.src",
"product_id": "eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.30-1.SP1_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.src",
"product_id": "eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.27-4.SP2_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.src",
"product_id": "eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.8.12-1.SP2_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.src",
"product": {
"name": "eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.src",
"product_id": "eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-lucene-solr@5.5.5-6.redhat_2.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-annotations-api_1.3_spec@2.0.1-3.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.src",
"product": {
"name": "eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.src",
"product_id": "eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.16-4.GA_redhat_00002.1.el9eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-insights-java-client@1.1.2-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jberet@1.3.9-3.SP3_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jberet-core@1.3.9-3.SP3_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.22-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.15.22-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-eclipse-jgit@5.13.3.202401111512-1.r_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-18.redhat_00052.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-cli@2.16.0-18.redhat_00052.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-commons@2.16.0-18.redhat_00052.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-core-client@2.16.0-18.redhat_00052.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-dto@2.16.0-18.redhat_00052.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@2.16.0-18.redhat_00052.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@2.16.0-18.redhat_00052.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@2.16.0-18.redhat_00052.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@2.16.0-18.redhat_00052.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@2.16.0-18.redhat_00052.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-journal@2.16.0-18.redhat_00052.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-ra@2.16.0-18.redhat_00052.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-selector@2.16.0-18.redhat_00052.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-server@2.16.0-18.redhat_00052.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@2.16.0-18.redhat_00052.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-tools@2.16.0-18.redhat_00052.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-server@1.9.4-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jgroups-kubernetes@1.0.17-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.21-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-35.Final_redhat_00034.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-35.Final_redhat_00034.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-35.Final_redhat_00034.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"product_id": "eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf@3.4.10-2.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"product_id": "eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-rt@3.4.10-2.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"product_id": "eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-services@3.4.10-2.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"product_id": "eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-tools@3.4.10-2.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan@11.0.18-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-jdbc@11.0.18-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-remote@11.0.18-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-client-hotrod@11.0.18-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-commons@11.0.18-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-component-annotations@11.0.18-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-core@11.0.18-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-commons@11.0.18-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-spi@11.0.18-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-v53@11.0.18-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.36-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-core@5.3.36-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-envers@5.3.36-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.30-1.SP1_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.27-4.SP2_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.8.12-1.SP2_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"product": {
"name": "eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"product_id": "eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-lucene-analyzers-common@5.5.5-6.redhat_2.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"product": {
"name": "eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"product_id": "eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-lucene-backward-codecs@5.5.5-6.redhat_2.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-lucene-core-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"product": {
"name": "eap7-lucene-core-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"product_id": "eap7-lucene-core-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-lucene-core@5.5.5-6.redhat_2.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"product": {
"name": "eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"product_id": "eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-lucene-facet@5.5.5-6.redhat_2.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"product": {
"name": "eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"product_id": "eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-lucene-misc@5.5.5-6.redhat_2.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"product": {
"name": "eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"product_id": "eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-lucene-queries@5.5.5-6.redhat_2.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"product": {
"name": "eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"product_id": "eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-lucene-queryparser@5.5.5-6.redhat_2.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"product": {
"name": "eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"product_id": "eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-lucene-solr@5.5.5-6.redhat_2.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-annotations-api_1.3_spec@2.0.1-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"product_id": "eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.16-4.GA_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"product_id": "eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.4.16-4.GA_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"product_id": "eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk17@7.4.16-4.GA_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"product_id": "eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.4.16-4.GA_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.16-4.GA_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.4.16-4.GA_redhat_00002.1.el9eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.x86_64",
"product": {
"name": "eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.x86_64",
"product_id": "eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-cert-helper@1.1.2-1.redhat_00001.1.el9eap?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.src"
},
"product_reference": "eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.x86_64"
},
"product_reference": "eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.x86_64",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el9eap.noarch"
},
"product_reference": "eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el9eap.noarch"
},
"product_reference": "eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-lucene-core-0:5.5.5-6.redhat_2.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el9eap.noarch"
},
"product_reference": "eap7-lucene-core-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el9eap.noarch"
},
"product_reference": "eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el9eap.noarch"
},
"product_reference": "eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el9eap.noarch"
},
"product_reference": "eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el9eap.noarch"
},
"product_reference": "eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.noarch"
},
"product_reference": "eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.src"
},
"product_reference": "eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.src"
},
"product_reference": "eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-1973",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-02-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2185662"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow package. Using the FormAuthenticationMechanism, a malicious user could trigger a Denial of Service by sending crafted requests, leading the server to an OutofMemory error, exhausting the server\u0027s memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: unrestricted request storage leads to memory exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1973"
},
{
"category": "external",
"summary": "RHBZ#2185662",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185662"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1973",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1973"
}
],
"release_date": "2024-04-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-04-04T15:23:45+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1676"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undertow: unrestricted request storage leads to memory exhaustion"
},
{
"acknowledgments": [
{
"names": [
"Ankur Sundara"
]
}
],
"cve": "CVE-2023-4639",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2023-01-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2166022"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow, which incorrectly parses cookies with certain value-delimiting characters in incoming requests. This issue could allow an attacker to construct a cookie value to exfiltrate HttpOnly cookie values or spoof arbitrary additional cookie values, leading to unauthorized data access or modification. The main threat from this flaw impacts data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: Cookie Smuggling/Spoofing",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-4639"
},
{
"category": "external",
"summary": "RHBZ#2166022",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2166022"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-4639",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4639"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4639",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4639"
}
],
"release_date": "2024-02-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-04-04T15:23:45+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1676"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: Cookie Smuggling/Spoofing"
},
{
"cve": "CVE-2023-48795",
"cwe": {
"id": "CWE-222",
"name": "Truncation of Security-relevant Information"
},
"discovery_date": "2023-12-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2254210"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is classified as moderate because the attack requires an active Man-in-the-Middle (MITM) who can intercept and modify the connection\u0027s traffic at the TCP/IP layer.\n\nAlthough the attack is cryptographically innovative, its security impact is fortunately quite limited. It only allows the deletion of consecutive messages, and deleting most messages at this protocol stage prevents user authentication from proceeding, leading to a stalled connection.\n\nThe most significant identified impact is that it enables a MITM to delete the SSH2_MSG_EXT_INFO message sent before authentication begins. This allows the attacker to disable a subset of keystroke timing obfuscation features. However, there is no other observable impact on session secrecy or session integrity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-48795"
},
{
"category": "external",
"summary": "RHBZ#2254210",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/7071748",
"url": "https://access.redhat.com/solutions/7071748"
},
{
"category": "external",
"summary": "https://terrapin-attack.com/",
"url": "https://terrapin-attack.com/"
}
],
"release_date": "2023-12-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-04-04T15:23:45+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1676"
},
{
"category": "workaround",
"details": "Update to the last version and check that client and server provide kex pseudo-algorithms indicating usage of the updated version of the protocol which is protected from the attack. If \"kex-strict-c-v00@openssh.com\" is provided by clients and \"kex-strict-s-v00@openssh.com\" is in the server\u0027s reply, no other steps are necessary.\n\nDisabling ciphers if necessary:\n\nIf \"kex-strict-c-v00@openssh.com\" is not provided by clients or \"kex-strict-s-v00@openssh.com\" is absent in the server\u0027s reply, you can disable the following ciphers and HMACs as a workaround on RHEL-8 and RHEL-9:\n\n1. chacha20-poly1305@openssh.com\n2. hmac-sha2-512-etm@openssh.com\n3. hmac-sha2-256-etm@openssh.com\n4. hmac-sha1-etm@openssh.com\n5. hmac-md5-etm@openssh.com\n\nTo do that through crypto-policies, one can apply a subpolicy with the following content:\n```\ncipher@SSH = -CHACHA20-POLY1305\nssh_etm = 0\n```\ne.g., by putting these lines into `/etc/crypto-policies/policies/modules/CVE-2023-48795.pmod`, applying the resulting subpolicy with `update-crypto-policies --set $(update-crypto-policies --show):CVE-2023-48795` and restarting openssh server.\n\nOne can verify that the changes are in effect by ensuring the ciphers listed above are missing from both `/etc/crypto-policies/back-ends/openssh.config` and `/etc/crypto-policies/back-ends/opensshserver.config`.\n\nFor more details on using crypto-policies, please refer to https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening\n\nNote that this procedure does limit the interoperability of the host and is only suggested as a temporary mitigation until the issue is fully resolved with an update.\n\nFor RHEL-7: \nWe can recommend to use strict MACs and Ciphers on RHEL7 in both files /etc/ssh/ssh_config and /etc/ssh/sshd_config.\n\nBelow strict set of Ciphers and MACs can be used as mitigation for RHEL 7.\n\n```\nCiphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com\nMACs umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512\n```\n\n- For Openshift Container Platform 4:\nPlease refer the KCS[1] document for verifying the fix in RHCOS.\n\n[1] https://access.redhat.com/solutions/7071748",
"product_ids": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)"
},
{
"acknowledgments": [
{
"names": [
"AAIB IT Unix Team"
]
}
],
"cve": "CVE-2024-1459",
"cwe": {
"id": "CWE-24",
"name": "Path Traversal: \u0027../filedir\u0027"
},
"discovery_date": "2024-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2259475"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal vulnerability was found in Undertow. This issue may allow a remote attacker to append a specially-crafted sequence to an HTTP request for an application deployed to JBoss EAP, which may permit access to privileged or restricted files and directories.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: directory traversal vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-1459"
},
{
"category": "external",
"summary": "RHBZ#2259475",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259475"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-1459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1459"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-1459",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-1459"
}
],
"release_date": "2024-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-04-04T15:23:45+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1676"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: directory traversal vulnerability"
},
{
"cve": "CVE-2024-1635",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-02-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2264928"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Whenever a malicious user opens and closes a connection with the HTTP port of the server and then closes the connection immediately, the server will end with both memory and open file limits exhausted at some point, depending on the amount of memory available. \r\n\r\nAt HTTP upgrade to remoting, the WriteTimeoutStreamSinkConduit leaks connections if RemotingConnection is closed by Remoting ServerConnectionOpenListener. Because the remoting connection originates in Undertow as part of the HTTP upgrade, there is an external layer to the remoting connection. This connection is unaware of the outermost layer when closing the connection during the connection opening procedure. Hence, the Undertow WriteTimeoutStreamSinkConduit is not notified of the closed connection in this scenario. Because WriteTimeoutStreamSinkConduit creates a timeout task, the whole dependency tree leaks via that task, which is added to XNIO WorkerThread. So, the workerThread points to the Undertow conduit, which contains the connections and causes the leak.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: Out-of-memory Error after several closed connections with wildfly-http-client protocol",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is rated as Important due to the fact that this might be an unauthenticated remote issue exploited by a malicious user, causing a denial of service (DoS) to the affected server.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-1635"
},
{
"category": "external",
"summary": "RHBZ#2264928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264928"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-1635",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1635"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-1635",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-1635"
}
],
"release_date": "2023-10-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-04-04T15:23:45+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1676"
},
{
"category": "workaround",
"details": "No mitigation is currently available for this vulnerability. However, there might be some protections, such as request limits by a load balancer in front of JBoss EAP/Wildfly or even Undertow, that could minimize the impact.",
"product_ids": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-18.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-cxf-rt-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-services-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-cxf-tools-0:3.4.10-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jberet-core-0:1.3.9-3.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-35.Final_redhat_00034.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-lucene-analyzers-common-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-backward-codecs-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-core-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-facet-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-misc-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-queries-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-queryparser-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.22-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.16-4.GA_redhat_00002.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undertow: Out-of-memory Error after several closed connections with wildfly-http-client protocol"
}
]
}
RHSA-2024_1677
Vulnerability from csaf_redhat - Published: 2024-04-04 15:22 - Updated: 2024-12-17 22:38Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.16 Security update
Severity
Important
Notes
Topic: An update is now available for Red Hat JBoss Enterprise Application Platform 7.4.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.16 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.15, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.16 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* undertow: Cookie Smuggling/Spoofing [eap-7.4.z] (CVE-2023-4639)
* apache-sshd: ssh: Prefix truncation attack on Binary Packet Protocol (BPP) [eap-7.4.z] (CVE-2023-48795)
* undertow: unrestricted request storage leads to memory exhaustion [eap-7.4.z] (CVE-2023-1973)
* undertow: Out-of-memory Error after several closed connections with wildfly-http-client protocol [eap-7.4.z] (CVE-2024-1635)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Undertow package. Using the FormAuthenticationMechanism, a malicious user could trigger a Denial of Service by sending crafted requests, leading the server to an OutofMemory error, exhausting the server's memory.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Enterprise Application Platform 7
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:7.4
|
— |
Vendor Fix
fix
|
Threats
Impact
Important
A flaw was found in Undertow, which incorrectly parses cookies with certain value-delimiting characters in incoming requests. This issue could allow an attacker to construct a cookie value to exfiltrate HttpOnly cookie values or spoof arbitrary additional cookie values, leading to unauthorized data access or modification. The main threat from this flaw impacts data confidentiality and integrity.
7.4 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Enterprise Application Platform 7
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:7.4
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.
5.9 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Enterprise Application Platform 7
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:7.4
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A path traversal vulnerability was found in Undertow. This issue may allow a remote attacker to append a specially-crafted sequence to an HTTP request for an application deployed to JBoss EAP, which may permit access to privileged or restricted files and directories.
5.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Enterprise Application Platform 7
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:7.4
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Whenever a malicious user opens and closes a connection with the HTTP port of the server and then closes the connection immediately, the server will end with both memory and open file limits exhausted at some point, depending on the amount of memory available. At HTTP upgrade to remoting, the WriteTimeoutStreamSinkConduit leaks connections if RemotingConnection is closed by Remoting ServerConnectionOpenListener. Because the remoting connection originates in Undertow as part of the HTTP upgrade, there is an external layer to the remoting connection. This connection is unaware of the outermost layer when closing the connection during the connection opening procedure. Hence, the Undertow WriteTimeoutStreamSinkConduit is not notified of the closed connection in this scenario. Because WriteTimeoutStreamSinkConduit creates a timeout task, the whole dependency tree leaks via that task, which is added to XNIO WorkerThread. So, the workerThread points to the Undertow conduit, which contains the connections and causes the leak.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Enterprise Application Platform 7
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:7.4
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
48 references
Acknowledgments
Ankur Sundara
AAIB IT Unix Team
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.4.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.16 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.15, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.16 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* undertow: Cookie Smuggling/Spoofing [eap-7.4.z] (CVE-2023-4639)\n\n* apache-sshd: ssh: Prefix truncation attack on Binary Packet Protocol (BPP) [eap-7.4.z] (CVE-2023-48795)\n\n* undertow: unrestricted request storage leads to memory exhaustion [eap-7.4.z] (CVE-2023-1973)\n\n* undertow: Out-of-memory Error after several closed connections with wildfly-http-client protocol [eap-7.4.z] (CVE-2024-1635)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:1677",
"url": "https://access.redhat.com/errata/RHSA-2024:1677"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=7.4",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=7.4"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/"
},
{
"category": "external",
"summary": "2166022",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2166022"
},
{
"category": "external",
"summary": "2185662",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185662"
},
{
"category": "external",
"summary": "2254210",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
},
{
"category": "external",
"summary": "2264928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264928"
},
{
"category": "external",
"summary": "JBEAP-19969",
"url": "https://issues.redhat.com/browse/JBEAP-19969"
},
{
"category": "external",
"summary": "JBEAP-26168",
"url": "https://issues.redhat.com/browse/JBEAP-26168"
},
{
"category": "external",
"summary": "JBEAP-26280",
"url": "https://issues.redhat.com/browse/JBEAP-26280"
},
{
"category": "external",
"summary": "JBEAP-26291",
"url": "https://issues.redhat.com/browse/JBEAP-26291"
},
{
"category": "external",
"summary": "JBEAP-26318",
"url": "https://issues.redhat.com/browse/JBEAP-26318"
},
{
"category": "external",
"summary": "JBEAP-26343",
"url": "https://issues.redhat.com/browse/JBEAP-26343"
},
{
"category": "external",
"summary": "JBEAP-26355",
"url": "https://issues.redhat.com/browse/JBEAP-26355"
},
{
"category": "external",
"summary": "JBEAP-26414",
"url": "https://issues.redhat.com/browse/JBEAP-26414"
},
{
"category": "external",
"summary": "JBEAP-26467",
"url": "https://issues.redhat.com/browse/JBEAP-26467"
},
{
"category": "external",
"summary": "JBEAP-26533",
"url": "https://issues.redhat.com/browse/JBEAP-26533"
},
{
"category": "external",
"summary": "JBEAP-26552",
"url": "https://issues.redhat.com/browse/JBEAP-26552"
},
{
"category": "external",
"summary": "JBEAP-26587",
"url": "https://issues.redhat.com/browse/JBEAP-26587"
},
{
"category": "external",
"summary": "JBEAP-26616",
"url": "https://issues.redhat.com/browse/JBEAP-26616"
},
{
"category": "external",
"summary": "JBEAP-26617",
"url": "https://issues.redhat.com/browse/JBEAP-26617"
},
{
"category": "external",
"summary": "JBEAP-26636",
"url": "https://issues.redhat.com/browse/JBEAP-26636"
},
{
"category": "external",
"summary": "JBEAP-26660",
"url": "https://issues.redhat.com/browse/JBEAP-26660"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1677.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.16 Security update",
"tracking": {
"current_release_date": "2024-12-17T22:38:54+00:00",
"generator": {
"date": "2024-12-17T22:38:54+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2024:1677",
"initial_release_date": "2024-04-04T15:22:45+00:00",
"revision_history": [
{
"date": "2024-04-04T15:22:45+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-06-05T10:53:24+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T22:38:54+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 7",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 7",
"product_id": "Red Hat JBoss Enterprise Application Platform 7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-1973",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2185662"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow package. Using the FormAuthenticationMechanism, a malicious user could trigger a Denial of Service by sending crafted requests, leading the server to an OutofMemory error, exhausting the server\u0027s memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: unrestricted request storage leads to memory exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1973"
},
{
"category": "external",
"summary": "RHBZ#2185662",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185662"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1973",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1973"
}
],
"release_date": "2024-04-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-04-04T15:22:45+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied.\nAlso, back up your existing installation, including all applications, configuration files, databases and database settings.\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1677"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undertow: unrestricted request storage leads to memory exhaustion"
},
{
"acknowledgments": [
{
"names": [
"Ankur Sundara"
]
}
],
"cve": "CVE-2023-4639",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2023-01-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2166022"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow, which incorrectly parses cookies with certain value-delimiting characters in incoming requests. This issue could allow an attacker to construct a cookie value to exfiltrate HttpOnly cookie values or spoof arbitrary additional cookie values, leading to unauthorized data access or modification. The main threat from this flaw impacts data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: Cookie Smuggling/Spoofing",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-4639"
},
{
"category": "external",
"summary": "RHBZ#2166022",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2166022"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-4639",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4639"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4639",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4639"
}
],
"release_date": "2024-02-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-04-04T15:22:45+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied.\nAlso, back up your existing installation, including all applications, configuration files, databases and database settings.\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1677"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: Cookie Smuggling/Spoofing"
},
{
"cve": "CVE-2023-48795",
"cwe": {
"id": "CWE-222",
"name": "Truncation of Security-relevant Information"
},
"discovery_date": "2023-12-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2254210"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is classified as moderate because the attack requires an active Man-in-the-Middle (MITM) who can intercept and modify the connection\u0027s traffic at the TCP/IP layer.\n\nAlthough the attack is cryptographically innovative, its security impact is fortunately quite limited. It only allows the deletion of consecutive messages, and deleting most messages at this protocol stage prevents user authentication from proceeding, leading to a stalled connection.\n\nThe most significant identified impact is that it enables a MITM to delete the SSH2_MSG_EXT_INFO message sent before authentication begins. This allows the attacker to disable a subset of keystroke timing obfuscation features. However, there is no other observable impact on session secrecy or session integrity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-48795"
},
{
"category": "external",
"summary": "RHBZ#2254210",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/7071748",
"url": "https://access.redhat.com/solutions/7071748"
},
{
"category": "external",
"summary": "https://terrapin-attack.com/",
"url": "https://terrapin-attack.com/"
}
],
"release_date": "2023-12-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-04-04T15:22:45+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied.\nAlso, back up your existing installation, including all applications, configuration files, databases and database settings.\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1677"
},
{
"category": "workaround",
"details": "Update to the last version and check that client and server provide kex pseudo-algorithms indicating usage of the updated version of the protocol which is protected from the attack. If \"kex-strict-c-v00@openssh.com\" is provided by clients and \"kex-strict-s-v00@openssh.com\" is in the server\u0027s reply, no other steps are necessary.\n\nDisabling ciphers if necessary:\n\nIf \"kex-strict-c-v00@openssh.com\" is not provided by clients or \"kex-strict-s-v00@openssh.com\" is absent in the server\u0027s reply, you can disable the following ciphers and HMACs as a workaround on RHEL-8 and RHEL-9:\n\n1. chacha20-poly1305@openssh.com\n2. hmac-sha2-512-etm@openssh.com\n3. hmac-sha2-256-etm@openssh.com\n4. hmac-sha1-etm@openssh.com\n5. hmac-md5-etm@openssh.com\n\nTo do that through crypto-policies, one can apply a subpolicy with the following content:\n```\ncipher@SSH = -CHACHA20-POLY1305\nssh_etm = 0\n```\ne.g., by putting these lines into `/etc/crypto-policies/policies/modules/CVE-2023-48795.pmod`, applying the resulting subpolicy with `update-crypto-policies --set $(update-crypto-policies --show):CVE-2023-48795` and restarting openssh server.\n\nOne can verify that the changes are in effect by ensuring the ciphers listed above are missing from both `/etc/crypto-policies/back-ends/openssh.config` and `/etc/crypto-policies/back-ends/opensshserver.config`.\n\nFor more details on using crypto-policies, please refer to https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening\n\nNote that this procedure does limit the interoperability of the host and is only suggested as a temporary mitigation until the issue is fully resolved with an update.\n\nFor RHEL-7: \nWe can recommend to use strict MACs and Ciphers on RHEL7 in both files /etc/ssh/ssh_config and /etc/ssh/sshd_config.\n\nBelow strict set of Ciphers and MACs can be used as mitigation for RHEL 7.\n\n```\nCiphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com\nMACs umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512\n```\n\n- For Openshift Container Platform 4:\nPlease refer the KCS[1] document for verifying the fix in RHCOS.\n\n[1] https://access.redhat.com/solutions/7071748",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)"
},
{
"acknowledgments": [
{
"names": [
"AAIB IT Unix Team"
]
}
],
"cve": "CVE-2024-1459",
"cwe": {
"id": "CWE-24",
"name": "Path Traversal: \u0027../filedir\u0027"
},
"discovery_date": "2024-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2259475"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal vulnerability was found in Undertow. This issue may allow a remote attacker to append a specially-crafted sequence to an HTTP request for an application deployed to JBoss EAP, which may permit access to privileged or restricted files and directories.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: directory traversal vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-1459"
},
{
"category": "external",
"summary": "RHBZ#2259475",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259475"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-1459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1459"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-1459",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-1459"
}
],
"release_date": "2024-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-04-04T15:22:45+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied.\nAlso, back up your existing installation, including all applications, configuration files, databases and database settings.\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1677"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: directory traversal vulnerability"
},
{
"cve": "CVE-2024-1635",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-02-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2264928"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Whenever a malicious user opens and closes a connection with the HTTP port of the server and then closes the connection immediately, the server will end with both memory and open file limits exhausted at some point, depending on the amount of memory available. \r\n\r\nAt HTTP upgrade to remoting, the WriteTimeoutStreamSinkConduit leaks connections if RemotingConnection is closed by Remoting ServerConnectionOpenListener. Because the remoting connection originates in Undertow as part of the HTTP upgrade, there is an external layer to the remoting connection. This connection is unaware of the outermost layer when closing the connection during the connection opening procedure. Hence, the Undertow WriteTimeoutStreamSinkConduit is not notified of the closed connection in this scenario. Because WriteTimeoutStreamSinkConduit creates a timeout task, the whole dependency tree leaks via that task, which is added to XNIO WorkerThread. So, the workerThread points to the Undertow conduit, which contains the connections and causes the leak.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: Out-of-memory Error after several closed connections with wildfly-http-client protocol",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is rated as Important due to the fact that this might be an unauthenticated remote issue exploited by a malicious user, causing a denial of service (DoS) to the affected server.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-1635"
},
{
"category": "external",
"summary": "RHBZ#2264928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264928"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-1635",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1635"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-1635",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-1635"
}
],
"release_date": "2023-10-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-04-04T15:22:45+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied.\nAlso, back up your existing installation, including all applications, configuration files, databases and database settings.\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1677"
},
{
"category": "workaround",
"details": "No mitigation is currently available for this vulnerability. However, there might be some protections, such as request limits by a load balancer in front of JBoss EAP/Wildfly or even Undertow, that could minimize the impact.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undertow: Out-of-memory Error after several closed connections with wildfly-http-client protocol"
}
]
}
RHSA-2024_1859
Vulnerability from csaf_redhat - Published: 2024-04-16 17:26 - Updated: 2024-12-17 22:38Summary
Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.3.1 security and bug fix update
Severity
Moderate
Notes
Topic: OpenShift API for Data Protection (OADP) 1.3.1 is now available.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: OpenShift API for Data Protection (OADP) enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes.
Security Fix(es) from Bugzilla:
* opentelemetry: DoS vulnerability in otelhttp (CVE-2023-45142)
* golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges. (CVE-2023-45287)
* golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests (CVE-2023-39326)
* ssh: Prefix truncation attack on Binary Packet Protocol (BPP) (CVE-2023-48795)
* golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON (CVE-2024-24786)
* jose-go: improper handling of highly compressed data (CVE-2024-28180)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the Golang net/http/internal package. This issue may allow a malicious user to send an HTTP request and cause the receiver to read more bytes from network than are in the body (up to 1GiB), causing the receiver to fail reading the response, possibly leading to a Denial of Service (DoS).
5.3 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le | — |
Workaround
|
Threats
Impact
Moderate
A memory leak was found in the otelhttp handler of open-telemetry. This flaw allows a remote, unauthenticated attacker to exhaust the server's memory by sending many malicious requests, affecting the availability.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in the Golang crypto/tls standard library. In previous versions, the package was vulnerable to a Timing Side Channel attack by observing the time it took for RSA-based TLS key exchanges, which was not constant. This flaw allows a malicious user to gather information from the environment.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.
5.9 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in Golang's protobuf module, where the unmarshal function can enter an infinite loop when processing certain invalid inputs. This issue occurs during unmarshaling into a message that includes a google.protobuf.Any or when the UnmarshalOptions.DiscardUnknown option is enabled. This flaw allows an attacker to craft malicious input tailored to trigger the identified flaw in the unmarshal function. By providing carefully constructed invalid inputs, they could potentially cause the function to enter an infinite loop, resulting in a denial of service condition or other unintended behaviors in the affected system.
5.9 (Medium)
Affected products
Fixed
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le | — |
Workaround
|
Threats
Impact
Moderate
A vulnerability was found in Jose due to improper handling of highly compressed data. This issue could allow an attacker to send a JWE containing compressed data that uses large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti.
4.3 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x | — |
Workaround
|
Threats
Impact
Moderate
References
60 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "OpenShift API for Data Protection (OADP) 1.3.1 is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenShift API for Data Protection (OADP) enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes.\n\nSecurity Fix(es) from Bugzilla:\n\n* opentelemetry: DoS vulnerability in otelhttp (CVE-2023-45142)\n\n* golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges. (CVE-2023-45287)\n\n* golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests (CVE-2023-39326)\n\n* ssh: Prefix truncation attack on Binary Packet Protocol (BPP) (CVE-2023-48795)\n\n* golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON (CVE-2024-24786)\n\n* jose-go: improper handling of highly compressed data (CVE-2024-28180)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:1859",
"url": "https://access.redhat.com/errata/RHSA-2024:1859"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2245180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2245180"
},
{
"category": "external",
"summary": "2253193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253193"
},
{
"category": "external",
"summary": "2253330",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253330"
},
{
"category": "external",
"summary": "2254210",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
},
{
"category": "external",
"summary": "2268046",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268046"
},
{
"category": "external",
"summary": "2268854",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268854"
},
{
"category": "external",
"summary": "OADP-1912",
"url": "https://issues.redhat.com/browse/OADP-1912"
},
{
"category": "external",
"summary": "OADP-2866",
"url": "https://issues.redhat.com/browse/OADP-2866"
},
{
"category": "external",
"summary": "OADP-3005",
"url": "https://issues.redhat.com/browse/OADP-3005"
},
{
"category": "external",
"summary": "OADP-3038",
"url": "https://issues.redhat.com/browse/OADP-3038"
},
{
"category": "external",
"summary": "OADP-3041",
"url": "https://issues.redhat.com/browse/OADP-3041"
},
{
"category": "external",
"summary": "OADP-3044",
"url": "https://issues.redhat.com/browse/OADP-3044"
},
{
"category": "external",
"summary": "OADP-3051",
"url": "https://issues.redhat.com/browse/OADP-3051"
},
{
"category": "external",
"summary": "OADP-3055",
"url": "https://issues.redhat.com/browse/OADP-3055"
},
{
"category": "external",
"summary": "OADP-3189",
"url": "https://issues.redhat.com/browse/OADP-3189"
},
{
"category": "external",
"summary": "OADP-3326",
"url": "https://issues.redhat.com/browse/OADP-3326"
},
{
"category": "external",
"summary": "OADP-3379",
"url": "https://issues.redhat.com/browse/OADP-3379"
},
{
"category": "external",
"summary": "OADP-3390",
"url": "https://issues.redhat.com/browse/OADP-3390"
},
{
"category": "external",
"summary": "OADP-3395",
"url": "https://issues.redhat.com/browse/OADP-3395"
},
{
"category": "external",
"summary": "OADP-3486",
"url": "https://issues.redhat.com/browse/OADP-3486"
},
{
"category": "external",
"summary": "OADP-3495",
"url": "https://issues.redhat.com/browse/OADP-3495"
},
{
"category": "external",
"summary": "OADP-3598",
"url": "https://issues.redhat.com/browse/OADP-3598"
},
{
"category": "external",
"summary": "OADP-3710",
"url": "https://issues.redhat.com/browse/OADP-3710"
},
{
"category": "external",
"summary": "OADP-3821",
"url": "https://issues.redhat.com/browse/OADP-3821"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1859.json"
}
],
"title": "Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.3.1 security and bug fix update",
"tracking": {
"current_release_date": "2024-12-17T22:38:47+00:00",
"generator": {
"date": "2024-12-17T22:38:47+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2024:1859",
"initial_release_date": "2024-04-16T17:26:06+00:00",
"revision_history": [
{
"date": "2024-04-16T17:26:06+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-04-16T17:26:06+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T22:38:47+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "9Base-OADP-1.3",
"product": {
"name": "9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_api_data_protection:1.3::el9"
}
}
}
],
"category": "product_family",
"name": "OpenShift API for Data Protection"
},
{
"branches": [
{
"category": "product_version",
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"product": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"product_id": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9\u0026tag=1.3.1-13"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"product": {
"name": "oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"product_id": "oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel9\u0026tag=1.3.1-53"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"product": {
"name": "oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"product_id": "oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-operator-bundle\u0026tag=1.3.1-59"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"product": {
"name": "oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"product_id": "oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-rhel9-operator\u0026tag=1.3.1-40"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x",
"product": {
"name": "oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x",
"product_id": "oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-rhel9\u0026tag=1.3.1-16"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"product_id": "oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel9\u0026tag=1.3.1-16"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"product_id": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9\u0026tag=1.3.1-10"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"product_id": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-csi-rhel9\u0026tag=1.3.1-11"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"product_id": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9\u0026tag=1.3.1-11"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"product_id": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9\u0026tag=1.3.1-11"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"product": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"product_id": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel9\u0026tag=1.3.1-13"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"product": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"product_id": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9\u0026tag=1.3.1-13"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"product": {
"name": "oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"product_id": "oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel9\u0026tag=1.3.1-53"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"product": {
"name": "oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"product_id": "oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-operator-bundle\u0026tag=1.3.1-59"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64",
"product": {
"name": "oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64",
"product_id": "oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-rhel9-operator\u0026tag=1.3.1-40"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"product": {
"name": "oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"product_id": "oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-rhel9\u0026tag=1.3.1-16"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"product": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"product_id": "oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel9\u0026tag=1.3.1-16"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"product": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"product_id": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9\u0026tag=1.3.1-10"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"product": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"product_id": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-csi-rhel9\u0026tag=1.3.1-11"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"product": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"product_id": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9\u0026tag=1.3.1-11"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"product": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"product_id": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9\u0026tag=1.3.1-11"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"product": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"product_id": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel9\u0026tag=1.3.1-13"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"product": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"product_id": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9\u0026tag=1.3.1-13"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"product": {
"name": "oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"product_id": "oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel9\u0026tag=1.3.1-53"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"product": {
"name": "oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"product_id": "oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-operator-bundle\u0026tag=1.3.1-59"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"product": {
"name": "oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"product_id": "oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-rhel9-operator\u0026tag=1.3.1-40"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"product": {
"name": "oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"product_id": "oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-rhel9\u0026tag=1.3.1-16"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le",
"product_id": "oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel9\u0026tag=1.3.1-16"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"product_id": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9\u0026tag=1.3.1-10"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"product_id": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-csi-rhel9\u0026tag=1.3.1-11"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"product_id": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9\u0026tag=1.3.1-11"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"product_id": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9\u0026tag=1.3.1-11"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le",
"product": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le",
"product_id": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel9\u0026tag=1.3.1-13"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"product": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"product_id": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9\u0026tag=1.3.1-13"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"product": {
"name": "oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"product_id": "oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel9\u0026tag=1.3.1-53"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"product": {
"name": "oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"product_id": "oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-operator-bundle\u0026tag=1.3.1-59"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"product": {
"name": "oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"product_id": "oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-rhel9-operator\u0026tag=1.3.1-40"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"product": {
"name": "oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"product_id": "oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-rhel9\u0026tag=1.3.1-16"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"product_id": "oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel9\u0026tag=1.3.1-16"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"product_id": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9\u0026tag=1.3.1-10"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"product_id": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-csi-rhel9\u0026tag=1.3.1-11"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"product_id": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9\u0026tag=1.3.1-11"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"product_id": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9\u0026tag=1.3.1-11"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"product": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"product_id": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel9\u0026tag=1.3.1-13"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le"
},
"product_reference": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x"
},
"product_reference": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64"
},
"product_reference": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64"
},
"product_reference": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64"
},
"product_reference": "oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64"
},
"product_reference": "oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le"
},
"product_reference": "oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x"
},
"product_reference": "oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64"
},
"product_reference": "oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le"
},
"product_reference": "oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x"
},
"product_reference": "oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64"
},
"product_reference": "oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64"
},
"product_reference": "oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le"
},
"product_reference": "oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x"
},
"product_reference": "oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64"
},
"product_reference": "oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64"
},
"product_reference": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64"
},
"product_reference": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64"
},
"product_reference": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64"
},
"product_reference": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64"
},
"product_reference": "oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64"
},
"product_reference": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x"
},
"product_reference": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64"
},
"product_reference": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le"
},
"product_reference": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64"
},
"product_reference": "oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64"
},
"product_reference": "oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le"
},
"product_reference": "oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x"
},
"product_reference": "oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x",
"relates_to_product_reference": "9Base-OADP-1.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-39326",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-12-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2253330"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Golang net/http/internal package. This issue may allow a malicious user to send an HTTP request and cause the receiver to read more bytes from network than are in the body (up to 1GiB), causing the receiver to fail reading the response, possibly leading to a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x"
],
"known_not_affected": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39326"
},
{
"category": "external",
"summary": "RHBZ#2253330",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253330"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39326",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39326"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39326",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39326"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2382",
"url": "https://pkg.go.dev/vuln/GO-2023-2382"
}
],
"release_date": "2023-12-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-04-16T17:26:06+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1859"
},
{
"category": "workaround",
"details": "No mitigation is available for this flaw.",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests"
},
{
"cve": "CVE-2023-45142",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-10-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2245180"
}
],
"notes": [
{
"category": "description",
"text": "A memory leak was found in the otelhttp handler of open-telemetry. This flaw allows a remote, unauthenticated attacker to exhaust the server\u0027s memory by sending many malicious requests, affecting the availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "opentelemetry: DoS vulnerability in otelhttp",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "While no authentication is required, there are a significant number of non-default factors which prevent widespread exploitation of this flaw. For a service to be affected, all of the following must be true:\n* The go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp package must be in use\n* Configured a metrics pipeline which uses the otelhttp.NewHandler wrapper function\n* No filtering of unknown HTTP methods or user agents at a higher level (such as Content Delivery Network/Load Balancer/etc...)\n\nDue to the limited attack surface, Red Hat Product Security rates the impact as Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64"
],
"known_not_affected": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45142"
},
{
"category": "external",
"summary": "RHBZ#2245180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2245180"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45142",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45142"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45142",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45142"
},
{
"category": "external",
"summary": "https://github.com/open-telemetry/opentelemetry-go-contrib/security/advisories/GHSA-rcjv-mgp8-qvmr",
"url": "https://github.com/open-telemetry/opentelemetry-go-contrib/security/advisories/GHSA-rcjv-mgp8-qvmr"
}
],
"release_date": "2023-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-04-16T17:26:06+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1859"
},
{
"category": "workaround",
"details": "As a workaround to stop being affected otelhttp.WithFilter() can be used.\n\nFor convenience and safe usage of this library, it should by default mark with the label unknown non-standard HTTP methods and User agents to show that such requests were made but do not increase cardinality. In case someone wants to stay with the current behavior, library API should allow to enable it.\n\nThe other possibility is to disable HTTP metrics instrumentation by passing otelhttp.WithMeterProvider option with noop.NewMeterProvider.",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "opentelemetry: DoS vulnerability in otelhttp"
},
{
"cve": "CVE-2023-45287",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2023-12-05T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2253193"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Golang crypto/tls standard library. In previous versions, the package was vulnerable to a Timing Side Channel attack by observing the time it took for RSA-based TLS key exchanges, which was not constant. This flaw allows a malicious user to gather information from the environment.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges.",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The identified flaw in the Golang crypto/tls library, is assessed as a moderate severity issue rather than important due to several mitigating factors. Although the vulnerability exposes a Timing Side Channel, potentially allowing information retrieval through RSA-based TLS key exchanges, its exploitation demands significant access and expertise. Additionally, while earlier versions implemented RSA blinding to counter timing attacks, the removal of PKCS#1 padding may still leak timing data. However, the practicality of exploiting this flaw is limited, and the transition to a fully constant time RSA implementation in Go 1.20 significantly bolsters security, reducing the risk posed by timing side channels.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x"
],
"known_not_affected": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45287"
},
{
"category": "external",
"summary": "RHBZ#2253193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253193"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45287",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45287"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45287",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45287"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2375",
"url": "https://pkg.go.dev/vuln/GO-2023-2375"
}
],
"release_date": "2023-12-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-04-16T17:26:06+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1859"
},
{
"category": "workaround",
"details": "No current mitigation is available for this vulnerability.",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges."
},
{
"cve": "CVE-2023-48795",
"cwe": {
"id": "CWE-222",
"name": "Truncation of Security-relevant Information"
},
"discovery_date": "2023-12-12T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2254210"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is classified as moderate because the attack requires an active Man-in-the-Middle (MITM) who can intercept and modify the connection\u0027s traffic at the TCP/IP layer.\n\nAlthough the attack is cryptographically innovative, its security impact is fortunately quite limited. It only allows the deletion of consecutive messages, and deleting most messages at this protocol stage prevents user authentication from proceeding, leading to a stalled connection.\n\nThe most significant identified impact is that it enables a MITM to delete the SSH2_MSG_EXT_INFO message sent before authentication begins. This allows the attacker to disable a subset of keystroke timing obfuscation features. However, there is no other observable impact on session secrecy or session integrity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x"
],
"known_not_affected": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-48795"
},
{
"category": "external",
"summary": "RHBZ#2254210",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/7071748",
"url": "https://access.redhat.com/solutions/7071748"
},
{
"category": "external",
"summary": "https://terrapin-attack.com/",
"url": "https://terrapin-attack.com/"
}
],
"release_date": "2023-12-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-04-16T17:26:06+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1859"
},
{
"category": "workaround",
"details": "Update to the last version and check that client and server provide kex pseudo-algorithms indicating usage of the updated version of the protocol which is protected from the attack. If \"kex-strict-c-v00@openssh.com\" is provided by clients and \"kex-strict-s-v00@openssh.com\" is in the server\u0027s reply, no other steps are necessary.\n\nDisabling ciphers if necessary:\n\nIf \"kex-strict-c-v00@openssh.com\" is not provided by clients or \"kex-strict-s-v00@openssh.com\" is absent in the server\u0027s reply, you can disable the following ciphers and HMACs as a workaround on RHEL-8 and RHEL-9:\n\n1. chacha20-poly1305@openssh.com\n2. hmac-sha2-512-etm@openssh.com\n3. hmac-sha2-256-etm@openssh.com\n4. hmac-sha1-etm@openssh.com\n5. hmac-md5-etm@openssh.com\n\nTo do that through crypto-policies, one can apply a subpolicy with the following content:\n```\ncipher@SSH = -CHACHA20-POLY1305\nssh_etm = 0\n```\ne.g., by putting these lines into `/etc/crypto-policies/policies/modules/CVE-2023-48795.pmod`, applying the resulting subpolicy with `update-crypto-policies --set $(update-crypto-policies --show):CVE-2023-48795` and restarting openssh server.\n\nOne can verify that the changes are in effect by ensuring the ciphers listed above are missing from both `/etc/crypto-policies/back-ends/openssh.config` and `/etc/crypto-policies/back-ends/opensshserver.config`.\n\nFor more details on using crypto-policies, please refer to https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening\n\nNote that this procedure does limit the interoperability of the host and is only suggested as a temporary mitigation until the issue is fully resolved with an update.\n\nFor RHEL-7: \nWe can recommend to use strict MACs and Ciphers on RHEL7 in both files /etc/ssh/ssh_config and /etc/ssh/sshd_config.\n\nBelow strict set of Ciphers and MACs can be used as mitigation for RHEL 7.\n\n```\nCiphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com\nMACs umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512\n```\n\n- For Openshift Container Platform 4:\nPlease refer the KCS[1] document for verifying the fix in RHCOS.\n\n[1] https://access.redhat.com/solutions/7071748",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)"
},
{
"cve": "CVE-2024-24786",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2024-03-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268046"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang\u0027s protobuf module, where the unmarshal function can enter an infinite loop when processing certain invalid inputs. This issue occurs during unmarshaling into a message that includes a google.protobuf.Any or when the UnmarshalOptions.DiscardUnknown option is enabled. This flaw allows an attacker to craft malicious input tailored to trigger the identified flaw in the unmarshal function. By providing carefully constructed invalid inputs, they could potentially cause the function to enter an infinite loop, resulting in a denial of service condition or other unintended behaviors in the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x"
],
"known_not_affected": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24786"
},
{
"category": "external",
"summary": "RHBZ#2268046",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268046"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24786",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24786"
},
{
"category": "external",
"summary": "https://go.dev/cl/569356",
"url": "https://go.dev/cl/569356"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/",
"url": "https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2611",
"url": "https://pkg.go.dev/vuln/GO-2024-2611"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-04-16T17:26:06+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1859"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON"
},
{
"cve": "CVE-2024-28180",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2024-03-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268854"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Jose due to improper handling of highly compressed data. This issue could allow an attacker to send a JWE containing compressed data that uses large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jose-go: improper handling of highly compressed data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le"
],
"known_not_affected": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-28180"
},
{
"category": "external",
"summary": "RHBZ#2268854",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268854"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-28180",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28180"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-28180",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28180"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-c5q2-7r4c-mv6g",
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-c5q2-7r4c-mv6g"
}
],
"release_date": "2024-03-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-04-16T17:26:06+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1859"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jose-go: improper handling of highly compressed data"
}
]
}
RHSA-2024_2728
Vulnerability from csaf_redhat - Published: 2024-05-29 19:50 - Updated: 2024-12-17 22:43Summary
Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 director Operator container images security update
Severity
Important
Notes
Topic: Updated container images are now available for director Operator for Red Hat OpenStack Platform 17.1 (Wallaby) for RHEL 9.2.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat OpenStack Platform provides the facilities for building, deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud running on commonly available physical hardware.
The Red Hat OpenStack Platform (RHOSP) director Operator adds the ability to install and run a RHOSP cloud within OpenShift Container Platform.
Security Fix(es):
* golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests (CVE-2023-39326)
* golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288)
* golang: x/crypto/ssh: Prefix truncation attack on Binary Packet Protocol (BPP) (CVE-2023-48795)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the Golang net/http/internal package. This issue may allow a malicious user to send an HTTP request and cause the receiver to read more bytes from network than are in the body (up to 1GiB), causing the receiver to fail reading the response, possibly leading to a Denial of Service (DoS).
5.3 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOS-17.1:rhosp-rhel9/osp-director-agent@sha256:436915008c0b272b20fb5fbf64fc6b4f65ae869ecdd70248066b36a120ab53d0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOS-17.1:rhosp-rhel9/osp-director-downloader@sha256:e702392f6f8bde5a93b9f90d94ec3fab1fc905b97fdc495cd1710118206f7c29_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator-bundle@sha256:6747f43ab7ffa76b852b0d0f7b625dcc47a7cbfb3d9af12d8d2efd84feb0822d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator@sha256:35affb25a019adfaf3c4dc5f3a4da21b30eae321f0138d75be5ab9fc88da0141_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A vulnerability was discovered with the implementation of the HTTP/2 protocol in the Go programming language. There were insufficient limitations on the amount of CONTINUATION frames sent within a single stream. An attacker could potentially exploit this to cause a Denial of Service (DoS) attack.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOS-17.1:rhosp-rhel9/osp-director-agent@sha256:436915008c0b272b20fb5fbf64fc6b4f65ae869ecdd70248066b36a120ab53d0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOS-17.1:rhosp-rhel9/osp-director-downloader@sha256:e702392f6f8bde5a93b9f90d94ec3fab1fc905b97fdc495cd1710118206f7c29_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator-bundle@sha256:6747f43ab7ffa76b852b0d0f7b625dcc47a7cbfb3d9af12d8d2efd84feb0822d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator@sha256:35affb25a019adfaf3c4dc5f3a4da21b30eae321f0138d75be5ab9fc88da0141_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.
5.9 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOS-17.1:rhosp-rhel9/osp-director-agent@sha256:436915008c0b272b20fb5fbf64fc6b4f65ae869ecdd70248066b36a120ab53d0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOS-17.1:rhosp-rhel9/osp-director-downloader@sha256:e702392f6f8bde5a93b9f90d94ec3fab1fc905b97fdc495cd1710118206f7c29_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator-bundle@sha256:6747f43ab7ffa76b852b0d0f7b625dcc47a7cbfb3d9af12d8d2efd84feb0822d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator@sha256:35affb25a019adfaf3c4dc5f3a4da21b30eae321f0138d75be5ab9fc88da0141_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
28 references
Acknowledgments
nowotarski.info
Bartek Nowotarski
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated container images are now available for director Operator for Red Hat OpenStack Platform 17.1 (Wallaby) for RHEL 9.2.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenStack Platform provides the facilities for building, deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud running on commonly available physical hardware.\n\nThe Red Hat OpenStack Platform (RHOSP) director Operator adds the ability to install and run a RHOSP cloud within OpenShift Container Platform.\n\nSecurity Fix(es):\n\n* golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests (CVE-2023-39326)\n\n* golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288)\n\n* golang: x/crypto/ssh: Prefix truncation attack on Binary Packet Protocol (BPP) (CVE-2023-48795)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:2728",
"url": "https://access.redhat.com/errata/RHSA-2024:2728"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2253330",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253330"
},
{
"category": "external",
"summary": "2254210",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
},
{
"category": "external",
"summary": "2256449",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256449"
},
{
"category": "external",
"summary": "2258578",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258578"
},
{
"category": "external",
"summary": "2268273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268273"
},
{
"category": "external",
"summary": "2272054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272054"
},
{
"category": "external",
"summary": "2273947",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273947"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_2728.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 director Operator container images security update",
"tracking": {
"current_release_date": "2024-12-17T22:43:03+00:00",
"generator": {
"date": "2024-12-17T22:43:03+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2024:2728",
"initial_release_date": "2024-05-29T19:50:12+00:00",
"revision_history": [
{
"date": "2024-05-29T19:50:12+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-05-29T19:50:13+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T22:43:03+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenStack Platform 17.1",
"product": {
"name": "Red Hat OpenStack Platform 17.1",
"product_id": "9Base-RHOS-17.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack:17.1::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "rhosp-rhel9/osp-director-agent@sha256:436915008c0b272b20fb5fbf64fc6b4f65ae869ecdd70248066b36a120ab53d0_amd64",
"product": {
"name": "rhosp-rhel9/osp-director-agent@sha256:436915008c0b272b20fb5fbf64fc6b4f65ae869ecdd70248066b36a120ab53d0_amd64",
"product_id": "rhosp-rhel9/osp-director-agent@sha256:436915008c0b272b20fb5fbf64fc6b4f65ae869ecdd70248066b36a120ab53d0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/osp-director-agent@sha256:436915008c0b272b20fb5fbf64fc6b4f65ae869ecdd70248066b36a120ab53d0?arch=amd64\u0026repository_url=registry.redhat.io/rhosp-rhel9/osp-director-agent\u0026tag=1.3.1-15"
}
}
},
{
"category": "product_version",
"name": "rhosp-rhel9/osp-director-downloader@sha256:e702392f6f8bde5a93b9f90d94ec3fab1fc905b97fdc495cd1710118206f7c29_amd64",
"product": {
"name": "rhosp-rhel9/osp-director-downloader@sha256:e702392f6f8bde5a93b9f90d94ec3fab1fc905b97fdc495cd1710118206f7c29_amd64",
"product_id": "rhosp-rhel9/osp-director-downloader@sha256:e702392f6f8bde5a93b9f90d94ec3fab1fc905b97fdc495cd1710118206f7c29_amd64",
"product_identification_helper": {
"purl": "pkg:oci/osp-director-downloader@sha256:e702392f6f8bde5a93b9f90d94ec3fab1fc905b97fdc495cd1710118206f7c29?arch=amd64\u0026repository_url=registry.redhat.io/rhosp-rhel9/osp-director-downloader\u0026tag=1.3.1-13"
}
}
},
{
"category": "product_version",
"name": "rhosp-rhel9/osp-director-operator-bundle@sha256:6747f43ab7ffa76b852b0d0f7b625dcc47a7cbfb3d9af12d8d2efd84feb0822d_amd64",
"product": {
"name": "rhosp-rhel9/osp-director-operator-bundle@sha256:6747f43ab7ffa76b852b0d0f7b625dcc47a7cbfb3d9af12d8d2efd84feb0822d_amd64",
"product_id": "rhosp-rhel9/osp-director-operator-bundle@sha256:6747f43ab7ffa76b852b0d0f7b625dcc47a7cbfb3d9af12d8d2efd84feb0822d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/osp-director-operator-bundle@sha256:6747f43ab7ffa76b852b0d0f7b625dcc47a7cbfb3d9af12d8d2efd84feb0822d?arch=amd64\u0026repository_url=registry.redhat.io/rhosp-rhel9/osp-director-operator-bundle\u0026tag=1.3.1-27"
}
}
},
{
"category": "product_version",
"name": "rhosp-rhel9/osp-director-operator@sha256:35affb25a019adfaf3c4dc5f3a4da21b30eae321f0138d75be5ab9fc88da0141_amd64",
"product": {
"name": "rhosp-rhel9/osp-director-operator@sha256:35affb25a019adfaf3c4dc5f3a4da21b30eae321f0138d75be5ab9fc88da0141_amd64",
"product_id": "rhosp-rhel9/osp-director-operator@sha256:35affb25a019adfaf3c4dc5f3a4da21b30eae321f0138d75be5ab9fc88da0141_amd64",
"product_identification_helper": {
"purl": "pkg:oci/osp-director-operator@sha256:35affb25a019adfaf3c4dc5f3a4da21b30eae321f0138d75be5ab9fc88da0141?arch=amd64\u0026repository_url=registry.redhat.io/rhosp-rhel9/osp-director-operator\u0026tag=1.3.1-15"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosp-rhel9/osp-director-agent@sha256:436915008c0b272b20fb5fbf64fc6b4f65ae869ecdd70248066b36a120ab53d0_amd64 as a component of Red Hat OpenStack Platform 17.1",
"product_id": "9Base-RHOS-17.1:rhosp-rhel9/osp-director-agent@sha256:436915008c0b272b20fb5fbf64fc6b4f65ae869ecdd70248066b36a120ab53d0_amd64"
},
"product_reference": "rhosp-rhel9/osp-director-agent@sha256:436915008c0b272b20fb5fbf64fc6b4f65ae869ecdd70248066b36a120ab53d0_amd64",
"relates_to_product_reference": "9Base-RHOS-17.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosp-rhel9/osp-director-downloader@sha256:e702392f6f8bde5a93b9f90d94ec3fab1fc905b97fdc495cd1710118206f7c29_amd64 as a component of Red Hat OpenStack Platform 17.1",
"product_id": "9Base-RHOS-17.1:rhosp-rhel9/osp-director-downloader@sha256:e702392f6f8bde5a93b9f90d94ec3fab1fc905b97fdc495cd1710118206f7c29_amd64"
},
"product_reference": "rhosp-rhel9/osp-director-downloader@sha256:e702392f6f8bde5a93b9f90d94ec3fab1fc905b97fdc495cd1710118206f7c29_amd64",
"relates_to_product_reference": "9Base-RHOS-17.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosp-rhel9/osp-director-operator-bundle@sha256:6747f43ab7ffa76b852b0d0f7b625dcc47a7cbfb3d9af12d8d2efd84feb0822d_amd64 as a component of Red Hat OpenStack Platform 17.1",
"product_id": "9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator-bundle@sha256:6747f43ab7ffa76b852b0d0f7b625dcc47a7cbfb3d9af12d8d2efd84feb0822d_amd64"
},
"product_reference": "rhosp-rhel9/osp-director-operator-bundle@sha256:6747f43ab7ffa76b852b0d0f7b625dcc47a7cbfb3d9af12d8d2efd84feb0822d_amd64",
"relates_to_product_reference": "9Base-RHOS-17.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosp-rhel9/osp-director-operator@sha256:35affb25a019adfaf3c4dc5f3a4da21b30eae321f0138d75be5ab9fc88da0141_amd64 as a component of Red Hat OpenStack Platform 17.1",
"product_id": "9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator@sha256:35affb25a019adfaf3c4dc5f3a4da21b30eae321f0138d75be5ab9fc88da0141_amd64"
},
"product_reference": "rhosp-rhel9/osp-director-operator@sha256:35affb25a019adfaf3c4dc5f3a4da21b30eae321f0138d75be5ab9fc88da0141_amd64",
"relates_to_product_reference": "9Base-RHOS-17.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-39326",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-12-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2253330"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Golang net/http/internal package. This issue may allow a malicious user to send an HTTP request and cause the receiver to read more bytes from network than are in the body (up to 1GiB), causing the receiver to fail reading the response, possibly leading to a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-agent@sha256:436915008c0b272b20fb5fbf64fc6b4f65ae869ecdd70248066b36a120ab53d0_amd64",
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-downloader@sha256:e702392f6f8bde5a93b9f90d94ec3fab1fc905b97fdc495cd1710118206f7c29_amd64",
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator-bundle@sha256:6747f43ab7ffa76b852b0d0f7b625dcc47a7cbfb3d9af12d8d2efd84feb0822d_amd64",
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator@sha256:35affb25a019adfaf3c4dc5f3a4da21b30eae321f0138d75be5ab9fc88da0141_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39326"
},
{
"category": "external",
"summary": "RHBZ#2253330",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253330"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39326",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39326"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39326",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39326"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2382",
"url": "https://pkg.go.dev/vuln/GO-2023-2382"
}
],
"release_date": "2023-12-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-29T19:50:12+00:00",
"details": "The container images provided by this update can be downloaded from the Red Hat container registry at registry.redhat.io or registry.access.redhat.com using the \u0027podman pull\u0027 command.\n\nFor more information about the images, search the image name in the Red Hat Ecosystem Catalog: https://catalog.redhat.com/software/containers/search",
"product_ids": [
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-agent@sha256:436915008c0b272b20fb5fbf64fc6b4f65ae869ecdd70248066b36a120ab53d0_amd64",
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-downloader@sha256:e702392f6f8bde5a93b9f90d94ec3fab1fc905b97fdc495cd1710118206f7c29_amd64",
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator-bundle@sha256:6747f43ab7ffa76b852b0d0f7b625dcc47a7cbfb3d9af12d8d2efd84feb0822d_amd64",
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator@sha256:35affb25a019adfaf3c4dc5f3a4da21b30eae321f0138d75be5ab9fc88da0141_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2728"
},
{
"category": "workaround",
"details": "No mitigation is available for this flaw.",
"product_ids": [
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-agent@sha256:436915008c0b272b20fb5fbf64fc6b4f65ae869ecdd70248066b36a120ab53d0_amd64",
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-downloader@sha256:e702392f6f8bde5a93b9f90d94ec3fab1fc905b97fdc495cd1710118206f7c29_amd64",
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator-bundle@sha256:6747f43ab7ffa76b852b0d0f7b625dcc47a7cbfb3d9af12d8d2efd84feb0822d_amd64",
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator@sha256:35affb25a019adfaf3c4dc5f3a4da21b30eae321f0138d75be5ab9fc88da0141_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-agent@sha256:436915008c0b272b20fb5fbf64fc6b4f65ae869ecdd70248066b36a120ab53d0_amd64",
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-downloader@sha256:e702392f6f8bde5a93b9f90d94ec3fab1fc905b97fdc495cd1710118206f7c29_amd64",
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator-bundle@sha256:6747f43ab7ffa76b852b0d0f7b625dcc47a7cbfb3d9af12d8d2efd84feb0822d_amd64",
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator@sha256:35affb25a019adfaf3c4dc5f3a4da21b30eae321f0138d75be5ab9fc88da0141_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests"
},
{
"acknowledgments": [
{
"names": [
"Bartek Nowotarski"
],
"organization": "nowotarski.info"
}
],
"cve": "CVE-2023-45288",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268273"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered with the implementation of the HTTP/2 protocol in the Go programming language. There were insufficient limitations on the amount of CONTINUATION frames sent within a single stream. An attacker could potentially exploit this to cause a Denial of Service (DoS) attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates the security impact of this vulnerability as Important due to the worst case scenario resulting in a denial of service. It is simple to exploit, could significantly impact availability, and there is not a suitable mitigation for all use cases. Once an attack has ended, the system should return to normal operations on its own.\n\nThis vulnerability only impacts servers which have HTTP/2 enabled. It stems from an imperfect definition of the protocol. As the Go programming language is widely utilized across nearly every major Red Hat offering, a full listing of impacted packages will not be provided. Therefore, the \u201cAffected Packages and Issued Red Hat Security Errata\u201d section contains a simplified list of what offerings need to remediate this vulnerability. Every impacted offering has at least one representative component listed, but potentially not all of them. Rest assured that Red Hat is committed to remediating this vulnerability across our entire portfolio.\n\nMany components are rated as Low impact due to configurations which reduce the attack surface or significantly increase the difficulty of exploitation. A summary of these scenarios are:\n* The container includes a package that provides a vulnerable webserver, but it is not used or running during operation\n* HTTP/2 is disabled by default and is not supported\n* Only a client implementation is provided, which is not vulnerable\n* A vulnerable module (either golang.org/net/http or golang.org/x/net/http2) is included, but disabled\n* Access to a vulnerable server is restricted within the container (loopback only connections)\n* Golang is available in the container but is not used\n\n\nWithin the Red Hat OpenShift Container Platform, the majority of vulnerable components are not externally accessible. This means an attacker must already have access to a container within your environment to exploit this vulnerability. However, the ose-hyperkube (openshift-enterprise-hyperkube) container is externally accessible, so there are less barriers to exploitation. Fixes for this specific container are already available.\n\nWithin Red Hat Ansible Automation Platform, the impacted component is Receptor. The impact has been reduced to Low as the vulnerable code is present, but not utilized. There are three potential exposures within this component:\n* Receptor utilizes QUIC a UDP based protocol which does not run over HTTP/2\n* Receptor utilizes the x/net/ipv4 and ipv6 packages, both of which are not affected",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-agent@sha256:436915008c0b272b20fb5fbf64fc6b4f65ae869ecdd70248066b36a120ab53d0_amd64",
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-downloader@sha256:e702392f6f8bde5a93b9f90d94ec3fab1fc905b97fdc495cd1710118206f7c29_amd64",
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator-bundle@sha256:6747f43ab7ffa76b852b0d0f7b625dcc47a7cbfb3d9af12d8d2efd84feb0822d_amd64",
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator@sha256:35affb25a019adfaf3c4dc5f3a4da21b30eae321f0138d75be5ab9fc88da0141_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45288"
},
{
"category": "external",
"summary": "RHBZ#2268273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268273"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45288",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45288"
},
{
"category": "external",
"summary": "https://nowotarski.info/http2-continuation-flood/",
"url": "https://nowotarski.info/http2-continuation-flood/"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2687",
"url": "https://pkg.go.dev/vuln/GO-2024-2687"
},
{
"category": "external",
"summary": "https://www.kb.cert.org/vuls/id/421644",
"url": "https://www.kb.cert.org/vuls/id/421644"
}
],
"release_date": "2024-04-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-29T19:50:12+00:00",
"details": "The container images provided by this update can be downloaded from the Red Hat container registry at registry.redhat.io or registry.access.redhat.com using the \u0027podman pull\u0027 command.\n\nFor more information about the images, search the image name in the Red Hat Ecosystem Catalog: https://catalog.redhat.com/software/containers/search",
"product_ids": [
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-agent@sha256:436915008c0b272b20fb5fbf64fc6b4f65ae869ecdd70248066b36a120ab53d0_amd64",
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-downloader@sha256:e702392f6f8bde5a93b9f90d94ec3fab1fc905b97fdc495cd1710118206f7c29_amd64",
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator-bundle@sha256:6747f43ab7ffa76b852b0d0f7b625dcc47a7cbfb3d9af12d8d2efd84feb0822d_amd64",
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator@sha256:35affb25a019adfaf3c4dc5f3a4da21b30eae321f0138d75be5ab9fc88da0141_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2728"
},
{
"category": "workaround",
"details": "In some environments where http/2 support is not required, it may be possible to disable this feature to reduce risk.",
"product_ids": [
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-agent@sha256:436915008c0b272b20fb5fbf64fc6b4f65ae869ecdd70248066b36a120ab53d0_amd64",
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-downloader@sha256:e702392f6f8bde5a93b9f90d94ec3fab1fc905b97fdc495cd1710118206f7c29_amd64",
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator-bundle@sha256:6747f43ab7ffa76b852b0d0f7b625dcc47a7cbfb3d9af12d8d2efd84feb0822d_amd64",
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator@sha256:35affb25a019adfaf3c4dc5f3a4da21b30eae321f0138d75be5ab9fc88da0141_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-agent@sha256:436915008c0b272b20fb5fbf64fc6b4f65ae869ecdd70248066b36a120ab53d0_amd64",
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-downloader@sha256:e702392f6f8bde5a93b9f90d94ec3fab1fc905b97fdc495cd1710118206f7c29_amd64",
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator-bundle@sha256:6747f43ab7ffa76b852b0d0f7b625dcc47a7cbfb3d9af12d8d2efd84feb0822d_amd64",
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator@sha256:35affb25a019adfaf3c4dc5f3a4da21b30eae321f0138d75be5ab9fc88da0141_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS"
},
{
"cve": "CVE-2023-48795",
"cwe": {
"id": "CWE-222",
"name": "Truncation of Security-relevant Information"
},
"discovery_date": "2023-12-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2254210"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is classified as moderate because the attack requires an active Man-in-the-Middle (MITM) who can intercept and modify the connection\u0027s traffic at the TCP/IP layer.\n\nAlthough the attack is cryptographically innovative, its security impact is fortunately quite limited. It only allows the deletion of consecutive messages, and deleting most messages at this protocol stage prevents user authentication from proceeding, leading to a stalled connection.\n\nThe most significant identified impact is that it enables a MITM to delete the SSH2_MSG_EXT_INFO message sent before authentication begins. This allows the attacker to disable a subset of keystroke timing obfuscation features. However, there is no other observable impact on session secrecy or session integrity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-agent@sha256:436915008c0b272b20fb5fbf64fc6b4f65ae869ecdd70248066b36a120ab53d0_amd64",
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-downloader@sha256:e702392f6f8bde5a93b9f90d94ec3fab1fc905b97fdc495cd1710118206f7c29_amd64",
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator-bundle@sha256:6747f43ab7ffa76b852b0d0f7b625dcc47a7cbfb3d9af12d8d2efd84feb0822d_amd64",
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator@sha256:35affb25a019adfaf3c4dc5f3a4da21b30eae321f0138d75be5ab9fc88da0141_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-48795"
},
{
"category": "external",
"summary": "RHBZ#2254210",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/7071748",
"url": "https://access.redhat.com/solutions/7071748"
},
{
"category": "external",
"summary": "https://terrapin-attack.com/",
"url": "https://terrapin-attack.com/"
}
],
"release_date": "2023-12-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-29T19:50:12+00:00",
"details": "The container images provided by this update can be downloaded from the Red Hat container registry at registry.redhat.io or registry.access.redhat.com using the \u0027podman pull\u0027 command.\n\nFor more information about the images, search the image name in the Red Hat Ecosystem Catalog: https://catalog.redhat.com/software/containers/search",
"product_ids": [
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-agent@sha256:436915008c0b272b20fb5fbf64fc6b4f65ae869ecdd70248066b36a120ab53d0_amd64",
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-downloader@sha256:e702392f6f8bde5a93b9f90d94ec3fab1fc905b97fdc495cd1710118206f7c29_amd64",
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator-bundle@sha256:6747f43ab7ffa76b852b0d0f7b625dcc47a7cbfb3d9af12d8d2efd84feb0822d_amd64",
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator@sha256:35affb25a019adfaf3c4dc5f3a4da21b30eae321f0138d75be5ab9fc88da0141_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2728"
},
{
"category": "workaround",
"details": "Update to the last version and check that client and server provide kex pseudo-algorithms indicating usage of the updated version of the protocol which is protected from the attack. If \"kex-strict-c-v00@openssh.com\" is provided by clients and \"kex-strict-s-v00@openssh.com\" is in the server\u0027s reply, no other steps are necessary.\n\nDisabling ciphers if necessary:\n\nIf \"kex-strict-c-v00@openssh.com\" is not provided by clients or \"kex-strict-s-v00@openssh.com\" is absent in the server\u0027s reply, you can disable the following ciphers and HMACs as a workaround on RHEL-8 and RHEL-9:\n\n1. chacha20-poly1305@openssh.com\n2. hmac-sha2-512-etm@openssh.com\n3. hmac-sha2-256-etm@openssh.com\n4. hmac-sha1-etm@openssh.com\n5. hmac-md5-etm@openssh.com\n\nTo do that through crypto-policies, one can apply a subpolicy with the following content:\n```\ncipher@SSH = -CHACHA20-POLY1305\nssh_etm = 0\n```\ne.g., by putting these lines into `/etc/crypto-policies/policies/modules/CVE-2023-48795.pmod`, applying the resulting subpolicy with `update-crypto-policies --set $(update-crypto-policies --show):CVE-2023-48795` and restarting openssh server.\n\nOne can verify that the changes are in effect by ensuring the ciphers listed above are missing from both `/etc/crypto-policies/back-ends/openssh.config` and `/etc/crypto-policies/back-ends/opensshserver.config`.\n\nFor more details on using crypto-policies, please refer to https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening\n\nNote that this procedure does limit the interoperability of the host and is only suggested as a temporary mitigation until the issue is fully resolved with an update.\n\nFor RHEL-7: \nWe can recommend to use strict MACs and Ciphers on RHEL7 in both files /etc/ssh/ssh_config and /etc/ssh/sshd_config.\n\nBelow strict set of Ciphers and MACs can be used as mitigation for RHEL 7.\n\n```\nCiphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com\nMACs umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512\n```\n\n- For Openshift Container Platform 4:\nPlease refer the KCS[1] document for verifying the fix in RHCOS.\n\n[1] https://access.redhat.com/solutions/7071748",
"product_ids": [
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-agent@sha256:436915008c0b272b20fb5fbf64fc6b4f65ae869ecdd70248066b36a120ab53d0_amd64",
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-downloader@sha256:e702392f6f8bde5a93b9f90d94ec3fab1fc905b97fdc495cd1710118206f7c29_amd64",
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator-bundle@sha256:6747f43ab7ffa76b852b0d0f7b625dcc47a7cbfb3d9af12d8d2efd84feb0822d_amd64",
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator@sha256:35affb25a019adfaf3c4dc5f3a4da21b30eae321f0138d75be5ab9fc88da0141_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-agent@sha256:436915008c0b272b20fb5fbf64fc6b4f65ae869ecdd70248066b36a120ab53d0_amd64",
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-downloader@sha256:e702392f6f8bde5a93b9f90d94ec3fab1fc905b97fdc495cd1710118206f7c29_amd64",
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator-bundle@sha256:6747f43ab7ffa76b852b0d0f7b625dcc47a7cbfb3d9af12d8d2efd84feb0822d_amd64",
"9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator@sha256:35affb25a019adfaf3c4dc5f3a4da21b30eae321f0138d75be5ab9fc88da0141_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)"
}
]
}
RHSA-2024_2735
Vulnerability from csaf_redhat - Published: 2024-05-22 20:37 - Updated: 2024-12-17 22:42Summary
Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (python-paramiko) security update
Severity
Moderate
Notes
Topic: An update for python-paramiko is now available for Red Hat OpenStack
Platform 17.1 (Wallaby).
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details: Paramiko (a combination of the esperanto words for paranoid and friend) is
a module for python 2.3 or greater that implements the SSH2 protocol for
secure (encrypted and authenticated) connections to remote machines. Unlike
SSL (aka TLS), the SSH2 protocol does not require heirarchical certificates
signed by a powerful central authority. You may know SSH2 as the protocol
that replaced telnet and rsh for secure access to remote shells, but the
protocol also includes the ability to open arbitrary channels to remote
services across an encrypted tunnel. (This is how sftp works, for example.)
Security Fix(es):
* Prefix truncation attack on Binary Packet Protocol (BPP) (CVE-2023-48795)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.
5.9 (Medium)
Affected products
Threats
Impact
Moderate
References
10 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for python-paramiko is now available for Red Hat OpenStack\nPlatform 17.1 (Wallaby).\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Paramiko (a combination of the esperanto words for paranoid and friend) is\na module for python 2.3 or greater that implements the SSH2 protocol for\nsecure (encrypted and authenticated) connections to remote machines. Unlike\nSSL (aka TLS), the SSH2 protocol does not require heirarchical certificates\nsigned by a powerful central authority. You may know SSH2 as the protocol\nthat replaced telnet and rsh for secure access to remote shells, but the\nprotocol also includes the ability to open arbitrary channels to remote\nservices across an encrypted tunnel. (This is how sftp works, for example.)\n\nSecurity Fix(es):\n\n* Prefix truncation attack on Binary Packet Protocol (BPP) (CVE-2023-48795)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:2735",
"url": "https://access.redhat.com/errata/RHSA-2024:2735"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2254210",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_2735.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (python-paramiko) security update",
"tracking": {
"current_release_date": "2024-12-17T22:42:07+00:00",
"generator": {
"date": "2024-12-17T22:42:07+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2024:2735",
"initial_release_date": "2024-05-22T20:37:24+00:00",
"revision_history": [
{
"date": "2024-05-22T20:37:24+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-05-22T20:37:24+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T22:42:07+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenStack Platform 17.1",
"product": {
"name": "Red Hat OpenStack Platform 17.1",
"product_id": "9Base-RHOS-17.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack:17.1::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "python-paramiko-0:2.11.0-2.el9ost.src",
"product": {
"name": "python-paramiko-0:2.11.0-2.el9ost.src",
"product_id": "python-paramiko-0:2.11.0-2.el9ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-paramiko@2.11.0-2.el9ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-paramiko-0:2.11.0-2.el9ost.noarch",
"product": {
"name": "python3-paramiko-0:2.11.0-2.el9ost.noarch",
"product_id": "python3-paramiko-0:2.11.0-2.el9ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-paramiko@2.11.0-2.el9ost?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python-paramiko-0:2.11.0-2.el9ost.src as a component of Red Hat OpenStack Platform 17.1",
"product_id": "9Base-RHOS-17.1:python-paramiko-0:2.11.0-2.el9ost.src"
},
"product_reference": "python-paramiko-0:2.11.0-2.el9ost.src",
"relates_to_product_reference": "9Base-RHOS-17.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-paramiko-0:2.11.0-2.el9ost.noarch as a component of Red Hat OpenStack Platform 17.1",
"product_id": "9Base-RHOS-17.1:python3-paramiko-0:2.11.0-2.el9ost.noarch"
},
"product_reference": "python3-paramiko-0:2.11.0-2.el9ost.noarch",
"relates_to_product_reference": "9Base-RHOS-17.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-48795",
"cwe": {
"id": "CWE-222",
"name": "Truncation of Security-relevant Information"
},
"discovery_date": "2023-12-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2254210"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is classified as moderate because the attack requires an active Man-in-the-Middle (MITM) who can intercept and modify the connection\u0027s traffic at the TCP/IP layer.\n\nAlthough the attack is cryptographically innovative, its security impact is fortunately quite limited. It only allows the deletion of consecutive messages, and deleting most messages at this protocol stage prevents user authentication from proceeding, leading to a stalled connection.\n\nThe most significant identified impact is that it enables a MITM to delete the SSH2_MSG_EXT_INFO message sent before authentication begins. This allows the attacker to disable a subset of keystroke timing obfuscation features. However, there is no other observable impact on session secrecy or session integrity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOS-17.1:python-paramiko-0:2.11.0-2.el9ost.src",
"9Base-RHOS-17.1:python3-paramiko-0:2.11.0-2.el9ost.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-48795"
},
{
"category": "external",
"summary": "RHBZ#2254210",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/7071748",
"url": "https://access.redhat.com/solutions/7071748"
},
{
"category": "external",
"summary": "https://terrapin-attack.com/",
"url": "https://terrapin-attack.com/"
}
],
"release_date": "2023-12-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T20:37:24+00:00",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHOS-17.1:python-paramiko-0:2.11.0-2.el9ost.src",
"9Base-RHOS-17.1:python3-paramiko-0:2.11.0-2.el9ost.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2735"
},
{
"category": "workaround",
"details": "Update to the last version and check that client and server provide kex pseudo-algorithms indicating usage of the updated version of the protocol which is protected from the attack. If \"kex-strict-c-v00@openssh.com\" is provided by clients and \"kex-strict-s-v00@openssh.com\" is in the server\u0027s reply, no other steps are necessary.\n\nDisabling ciphers if necessary:\n\nIf \"kex-strict-c-v00@openssh.com\" is not provided by clients or \"kex-strict-s-v00@openssh.com\" is absent in the server\u0027s reply, you can disable the following ciphers and HMACs as a workaround on RHEL-8 and RHEL-9:\n\n1. chacha20-poly1305@openssh.com\n2. hmac-sha2-512-etm@openssh.com\n3. hmac-sha2-256-etm@openssh.com\n4. hmac-sha1-etm@openssh.com\n5. hmac-md5-etm@openssh.com\n\nTo do that through crypto-policies, one can apply a subpolicy with the following content:\n```\ncipher@SSH = -CHACHA20-POLY1305\nssh_etm = 0\n```\ne.g., by putting these lines into `/etc/crypto-policies/policies/modules/CVE-2023-48795.pmod`, applying the resulting subpolicy with `update-crypto-policies --set $(update-crypto-policies --show):CVE-2023-48795` and restarting openssh server.\n\nOne can verify that the changes are in effect by ensuring the ciphers listed above are missing from both `/etc/crypto-policies/back-ends/openssh.config` and `/etc/crypto-policies/back-ends/opensshserver.config`.\n\nFor more details on using crypto-policies, please refer to https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening\n\nNote that this procedure does limit the interoperability of the host and is only suggested as a temporary mitigation until the issue is fully resolved with an update.\n\nFor RHEL-7: \nWe can recommend to use strict MACs and Ciphers on RHEL7 in both files /etc/ssh/ssh_config and /etc/ssh/sshd_config.\n\nBelow strict set of Ciphers and MACs can be used as mitigation for RHEL 7.\n\n```\nCiphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com\nMACs umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512\n```\n\n- For Openshift Container Platform 4:\nPlease refer the KCS[1] document for verifying the fix in RHCOS.\n\n[1] https://access.redhat.com/solutions/7071748",
"product_ids": [
"9Base-RHOS-17.1:python-paramiko-0:2.11.0-2.el9ost.src",
"9Base-RHOS-17.1:python3-paramiko-0:2.11.0-2.el9ost.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHOS-17.1:python-paramiko-0:2.11.0-2.el9ost.src",
"9Base-RHOS-17.1:python3-paramiko-0:2.11.0-2.el9ost.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)"
}
]
}
RHSA-2024_2768
Vulnerability from csaf_redhat - Published: 2024-05-22 20:40 - Updated: 2024-12-17 22:42Summary
Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (python-paramiko) security update
Severity
Moderate
Notes
Topic: An update for python-paramiko is now available for Red Hat OpenStack
Platform 17.1 (Wallaby).
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details: Paramiko, a combination of the esperanto words for paranoid and friend, is
a module for python 2.3 or greater that implements the SSH2 protocol for
secure (encrypted and authenticated) connections to remote machines. Unlike
SSL (aka TLS), the SSH2 protocol does not require heirarchical certificates
signed by a powerful central authority. You may know SSH2 as the protocol
that replaced telnet and rsh for secure access to remote shells, but the
protocol also includes the ability to open arbitrary channels to remote
services across an encrypted tunnel. This is how sftp works, for example.
Security Fix(es):
* Prefix truncation attack on Binary Packet Protocol (BPP) (CVE-2023-48795)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.
5.9 (Medium)
Affected products
Threats
Impact
Moderate
References
10 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for python-paramiko is now available for Red Hat OpenStack\nPlatform 17.1 (Wallaby).\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Paramiko, a combination of the esperanto words for paranoid and friend, is\na module for python 2.3 or greater that implements the SSH2 protocol for\nsecure (encrypted and authenticated) connections to remote machines. Unlike\nSSL (aka TLS), the SSH2 protocol does not require heirarchical certificates\nsigned by a powerful central authority. You may know SSH2 as the protocol\nthat replaced telnet and rsh for secure access to remote shells, but the\nprotocol also includes the ability to open arbitrary channels to remote\nservices across an encrypted tunnel. This is how sftp works, for example.\n\nSecurity Fix(es):\n\n* Prefix truncation attack on Binary Packet Protocol (BPP) (CVE-2023-48795)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:2768",
"url": "https://access.redhat.com/errata/RHSA-2024:2768"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2254210",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_2768.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (python-paramiko) security update",
"tracking": {
"current_release_date": "2024-12-17T22:42:40+00:00",
"generator": {
"date": "2024-12-17T22:42:40+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2024:2768",
"initial_release_date": "2024-05-22T20:40:08+00:00",
"revision_history": [
{
"date": "2024-05-22T20:40:08+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-05-22T20:40:08+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T22:42:40+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenStack Platform 17.1",
"product": {
"name": "Red Hat OpenStack Platform 17.1",
"product_id": "8Base-RHOS-17.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack:17.1::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "python-paramiko-0:2.11.0-2.el8ost.src",
"product": {
"name": "python-paramiko-0:2.11.0-2.el8ost.src",
"product_id": "python-paramiko-0:2.11.0-2.el8ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-paramiko@2.11.0-2.el8ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-paramiko-0:2.11.0-2.el8ost.noarch",
"product": {
"name": "python3-paramiko-0:2.11.0-2.el8ost.noarch",
"product_id": "python3-paramiko-0:2.11.0-2.el8ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-paramiko@2.11.0-2.el8ost?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python-paramiko-0:2.11.0-2.el8ost.src as a component of Red Hat OpenStack Platform 17.1",
"product_id": "8Base-RHOS-17.1:python-paramiko-0:2.11.0-2.el8ost.src"
},
"product_reference": "python-paramiko-0:2.11.0-2.el8ost.src",
"relates_to_product_reference": "8Base-RHOS-17.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-paramiko-0:2.11.0-2.el8ost.noarch as a component of Red Hat OpenStack Platform 17.1",
"product_id": "8Base-RHOS-17.1:python3-paramiko-0:2.11.0-2.el8ost.noarch"
},
"product_reference": "python3-paramiko-0:2.11.0-2.el8ost.noarch",
"relates_to_product_reference": "8Base-RHOS-17.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-48795",
"cwe": {
"id": "CWE-222",
"name": "Truncation of Security-relevant Information"
},
"discovery_date": "2023-12-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2254210"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is classified as moderate because the attack requires an active Man-in-the-Middle (MITM) who can intercept and modify the connection\u0027s traffic at the TCP/IP layer.\n\nAlthough the attack is cryptographically innovative, its security impact is fortunately quite limited. It only allows the deletion of consecutive messages, and deleting most messages at this protocol stage prevents user authentication from proceeding, leading to a stalled connection.\n\nThe most significant identified impact is that it enables a MITM to delete the SSH2_MSG_EXT_INFO message sent before authentication begins. This allows the attacker to disable a subset of keystroke timing obfuscation features. However, there is no other observable impact on session secrecy or session integrity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOS-17.1:python-paramiko-0:2.11.0-2.el8ost.src",
"8Base-RHOS-17.1:python3-paramiko-0:2.11.0-2.el8ost.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-48795"
},
{
"category": "external",
"summary": "RHBZ#2254210",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/7071748",
"url": "https://access.redhat.com/solutions/7071748"
},
{
"category": "external",
"summary": "https://terrapin-attack.com/",
"url": "https://terrapin-attack.com/"
}
],
"release_date": "2023-12-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T20:40:08+00:00",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOS-17.1:python-paramiko-0:2.11.0-2.el8ost.src",
"8Base-RHOS-17.1:python3-paramiko-0:2.11.0-2.el8ost.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2768"
},
{
"category": "workaround",
"details": "Update to the last version and check that client and server provide kex pseudo-algorithms indicating usage of the updated version of the protocol which is protected from the attack. If \"kex-strict-c-v00@openssh.com\" is provided by clients and \"kex-strict-s-v00@openssh.com\" is in the server\u0027s reply, no other steps are necessary.\n\nDisabling ciphers if necessary:\n\nIf \"kex-strict-c-v00@openssh.com\" is not provided by clients or \"kex-strict-s-v00@openssh.com\" is absent in the server\u0027s reply, you can disable the following ciphers and HMACs as a workaround on RHEL-8 and RHEL-9:\n\n1. chacha20-poly1305@openssh.com\n2. hmac-sha2-512-etm@openssh.com\n3. hmac-sha2-256-etm@openssh.com\n4. hmac-sha1-etm@openssh.com\n5. hmac-md5-etm@openssh.com\n\nTo do that through crypto-policies, one can apply a subpolicy with the following content:\n```\ncipher@SSH = -CHACHA20-POLY1305\nssh_etm = 0\n```\ne.g., by putting these lines into `/etc/crypto-policies/policies/modules/CVE-2023-48795.pmod`, applying the resulting subpolicy with `update-crypto-policies --set $(update-crypto-policies --show):CVE-2023-48795` and restarting openssh server.\n\nOne can verify that the changes are in effect by ensuring the ciphers listed above are missing from both `/etc/crypto-policies/back-ends/openssh.config` and `/etc/crypto-policies/back-ends/opensshserver.config`.\n\nFor more details on using crypto-policies, please refer to https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening\n\nNote that this procedure does limit the interoperability of the host and is only suggested as a temporary mitigation until the issue is fully resolved with an update.\n\nFor RHEL-7: \nWe can recommend to use strict MACs and Ciphers on RHEL7 in both files /etc/ssh/ssh_config and /etc/ssh/sshd_config.\n\nBelow strict set of Ciphers and MACs can be used as mitigation for RHEL 7.\n\n```\nCiphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com\nMACs umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512\n```\n\n- For Openshift Container Platform 4:\nPlease refer the KCS[1] document for verifying the fix in RHCOS.\n\n[1] https://access.redhat.com/solutions/7071748",
"product_ids": [
"8Base-RHOS-17.1:python-paramiko-0:2.11.0-2.el8ost.src",
"8Base-RHOS-17.1:python3-paramiko-0:2.11.0-2.el8ost.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOS-17.1:python-paramiko-0:2.11.0-2.el8ost.src",
"8Base-RHOS-17.1:python3-paramiko-0:2.11.0-2.el8ost.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…