CVE-2024-22424
Vulnerability from cvelistv5
Source | URL | Tags
---|---|---
security-advisories@github.com | https://github.com/argoproj/argo-cd/issues/2496 | Exploit, Issue Tracking, Third Party Advisory
security-advisories@github.com | https://github.com/argoproj/argo-cd/pull/16860 | Patch
security-advisories@github.com | https://github.com/argoproj/argo-cd/security/advisories/GHSA-92mw-q256-5vwg | Vendor Advisory
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T22:43:34.945Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-92mw-q256-5vwg", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-92mw-q256-5vwg" }, { "name": "https://github.com/argoproj/argo-cd/issues/2496", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/argoproj/argo-cd/issues/2496" }, { "name": "https://github.com/argoproj/argo-cd/pull/16860", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/argoproj/argo-cd/pull/16860" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "argo-cd", "vendor": "argoproj", "versions": [ { "status": "affected", "version": "\u003e= 0.1.0, \u003c 2.7.15" }, { "status": "affected", "version": "\u003e= 2.8.0, \u003c 2.8.8" }, { "status": "affected", "version": "\u003e= 2.9.0, \u003c 2.9.4" }, { "status": "affected", "version": "\u003e= 2.10.0-rc1, \u003c 2.10-rc2" } ] } ], "descriptions": [ { "lang": "en", "value": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. The Argo CD API prior to versions 2.10-rc2, 2.9.4, 2.8.8, and 2.7.15 are vulnerable to a cross-server request forgery (CSRF) attack when the attacker has the ability to write HTML to a page on the same parent domain as Argo CD. A CSRF attack works by tricking an authenticated Argo CD user into loading a web page which contains code to call Argo CD API endpoints on the victim\u2019s behalf. For example, an attacker could send an Argo CD user a link to a page which looks harmless but in the background calls an Argo CD API endpoint to create an application running malicious code. Argo CD uses the \u201cLax\u201d SameSite cookie policy to prevent CSRF attacks where the attacker controls an external domain. 
The malicious external website can attempt to call the Argo CD API, but the web browser will refuse to send the Argo CD auth token with the request. Many companies host Argo CD on an internal subdomain. If an attacker can place malicious code on, for example, https://test.internal.example.com/, they can still perform a CSRF attack. In this case, the \u201cLax\u201d SameSite cookie does not prevent the browser from sending the auth cookie, because the destination is a parent domain of the Argo CD API. Browsers generally block such attacks by applying CORS policies to sensitive requests with sensitive content types. Specifically, browsers will send a \u201cpreflight request\u201d for POSTs with content type \u201capplication/json\u201d asking the destination API \u201care you allowed to accept requests from my domain?\u201d If the destination API does not answer \u201cyes,\u201d the browser will block the request. Before the patched versions, Argo CD did not validate that requests contained the correct content type header. So an attacker could bypass the browser\u2019s CORS check by setting the content type to something which is considered \u201cnot sensitive\u201d such as \u201ctext/plain.\u201d The browser wouldn\u2019t send the preflight request, and Argo CD would happily accept the contents (which are actually still JSON) and perform the requested action (such as running malicious code). A patch for this vulnerability has been released in the following Argo CD versions: 2.10-rc2, 2.9.4, 2.8.8, and 2.7.15. The patch contains a breaking API change. The Argo CD API will no longer accept non-GET requests which do not specify application/json as their Content-Type. The accepted content types list is configurable, and it is possible (but discouraged) to disable the content type check completely. Users are advised to upgrade. There are no known workarounds for this vulnerability." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-352", "description": "CWE-352: Cross-Site Request Forgery (CSRF)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-01-19T00:25:44.946Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-92mw-q256-5vwg", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-92mw-q256-5vwg" }, { "name": "https://github.com/argoproj/argo-cd/issues/2496", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/argoproj/argo-cd/issues/2496" }, { "name": "https://github.com/argoproj/argo-cd/pull/16860", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/argoproj/argo-cd/pull/16860" } ], "source": { "advisory": "GHSA-92mw-q256-5vwg", "discovery": "UNKNOWN" }, "title": "Cross-Site Request Forgery (CSRF) in github.com/argoproj/argo-cd" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2024-22424", "datePublished": "2024-01-19T00:25:44.946Z", "dateReserved": "2024-01-10T15:09:55.556Z", "dateUpdated": "2024-08-01T22:43:34.945Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": 
"{\"cve\":{\"id\":\"CVE-2024-22424\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2024-01-19T01:15:09.317\",\"lastModified\":\"2024-08-07T15:43:51.540\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. The Argo CD API prior to versions 2.10-rc2, 2.9.4, 2.8.8, and 2.7.15 are vulnerable to a cross-server request forgery (CSRF) attack when the attacker has the ability to write HTML to a page on the same parent domain as Argo CD. A CSRF attack works by tricking an authenticated Argo CD user into loading a web page which contains code to call Argo CD API endpoints on the victim\u2019s behalf. For example, an attacker could send an Argo CD user a link to a page which looks harmless but in the background calls an Argo CD API endpoint to create an application running malicious code. Argo CD uses the \u201cLax\u201d SameSite cookie policy to prevent CSRF attacks where the attacker controls an external domain. The malicious external website can attempt to call the Argo CD API, but the web browser will refuse to send the Argo CD auth token with the request. Many companies host Argo CD on an internal subdomain. If an attacker can place malicious code on, for example, https://test.internal.example.com/, they can still perform a CSRF attack. In this case, the \u201cLax\u201d SameSite cookie does not prevent the browser from sending the auth cookie, because the destination is a parent domain of the Argo CD API. Browsers generally block such attacks by applying CORS policies to sensitive requests with sensitive content types. Specifically, browsers will send a \u201cpreflight request\u201d for POSTs with content type \u201capplication/json\u201d asking the destination API \u201care you allowed to accept requests from my domain?\u201d If the destination API does not answer \u201cyes,\u201d the browser will block the request. 
Before the patched versions, Argo CD did not validate that requests contained the correct content type header. So an attacker could bypass the browser\u2019s CORS check by setting the content type to something which is considered \u201cnot sensitive\u201d such as \u201ctext/plain.\u201d The browser wouldn\u2019t send the preflight request, and Argo CD would happily accept the contents (which are actually still JSON) and perform the requested action (such as running malicious code). A patch for this vulnerability has been released in the following Argo CD versions: 2.10-rc2, 2.9.4, 2.8.8, and 2.7.15. The patch contains a breaking API change. The Argo CD API will no longer accept non-GET requests which do not specify application/json as their Content-Type. The accepted content types list is configurable, and it is possible (but discouraged) to disable the content type check completely. Users are advised to upgrade. There are no known workarounds for this vulnerability.\"},{\"lang\":\"es\",\"value\":\"Argo CD es una herramienta declarativa de entrega continua de GitOps para Kubernetes. La API de Argo CD anterior a las versiones 2.10-rc2, 2.9.4, 2.8.8 y 2.7.15 es vulnerable a un ataque de cross-server request forgery (CSRF) cuando el atacante tiene la capacidad de escribir HTML en una p\u00e1gina del mismo dominio principal que Argo CD. Un ataque CSRF funciona enga\u00f1ando a un usuario autenticado de Argo CD para que cargue una p\u00e1gina web que contiene c\u00f3digo para llamar a los endpoints de la API de Argo CD en nombre de la v\u00edctima. Por ejemplo, un atacante podr\u00eda enviar a un usuario de Argo CD un enlace a una p\u00e1gina que parece inofensiva pero que en segundo plano llama a un endpoint de la API de Argo CD para crear una aplicaci\u00f3n que ejecute c\u00f3digo malicioso. Argo CD utiliza la pol\u00edtica de cookies \\\"Lax\\\" de SameSite para evitar ataques CSRF en los que el atacante controla un dominio externo. 
El sitio web externo malicioso puede intentar llamar a la API de Argo CD, pero el navegador web se negar\u00e1 a enviar el token de autenticaci\u00f3n de Argo CD con la solicitud. Muchas empresas alojan Argo CD en un subdominio interno. Si un atacante puede colocar c\u00f3digo malicioso, por ejemplo, en https://test.internal.example.com/, a\u00fan puede realizar un ataque CSRF. En este caso, la cookie SameSite \\\"Lax\\\" no impide que el navegador env\u00ede la cookie de autenticaci\u00f3n, porque el destino es un dominio principal de la API de Argo CD. Los navegadores generalmente bloquean este tipo de ataques aplicando pol\u00edticas CORS a solicitudes confidenciales con tipos de contenido confidenciales. Espec\u00edficamente, los navegadores enviar\u00e1n una \\\"solicitud de verificaci\u00f3n previa\\\" para POST con tipo de contenido \\\"application/json\\\" preguntando a la API de destino \\\"\u00bfpuede aceptar solicitudes de mi dominio?\\\" Si la API de destino no responde \\\"s\u00ed\\\", el navegador bloquear\u00e1 la solicitud. Antes de las versiones parcheadas, Argo CD no validaba que las solicitudes incluyeran el encabezado del tipo de contenido correcto. Por lo tanto, un atacante podr\u00eda eludir la verificaci\u00f3n CORS del navegador configurando el tipo de contenido en algo que se considere \\\"no sensible\\\", como \\\"texto/plano\\\". El navegador no enviar\u00eda la solicitud de verificaci\u00f3n previa y Argo CD aceptar\u00eda felizmente el contenido (que en realidad sigue siendo JSON) y realizar\u00eda la acci\u00f3n solicitada (como ejecutar c\u00f3digo malicioso). Se lanz\u00f3 un parche para esta vulnerabilidad en las siguientes versiones de Argo CD: 2.10-rc2, 2.9.4, 2.8.8 y 2.7.15. El parche contiene un cambio importante en la API. La API de Argo CD ya no aceptar\u00e1 solicitudes que no sean GET y que no especifiquen application/json como tipo de contenido. 
La lista de tipos de contenido aceptados es configurable y es posible (pero desaconsejado) desactivar completamente la verificaci\u00f3n del tipo de contenido. Se recomienda a los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":8.3,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":1.6,\"impactScore\":6.0},{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":8.3,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":1.6,\"impactScore\":6.0}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-352\"}]},{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-352\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:argoproj:argo_cd:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.8.0\",\"versionEndExcluding\":\"2.8.8\",\"matchCriteriaId\":\"8CED13D7-50A9-4645-9D05-29C9F0DE1968\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:argoproj:argo_cd:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.9.0\",\"versionEndExcluding\":\"2.9.4\",\"matchCri
teriaId\":\"7A322D38-37A6-428D-8D7D-C11BAD24EFAD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:argoproj:argo_cd:2.10.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E94165C-F60B-469B-8D6D-14E310013B75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linuxfoundation:argo-cd:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"0.1.0\",\"versionEndExcluding\":\"2.7.16\",\"matchCriteriaId\":\"D7E1C1DF-F7F5-472D-A429-797D45E1492D\"}]}]}],\"references\":[{\"url\":\"https://github.com/argoproj/argo-cd/issues/2496\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/argoproj/argo-cd/pull/16860\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/argoproj/argo-cd/security/advisories/GHSA-92mw-q256-5vwg\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Vendor Advisory\"]}]}}" } }
rhsa-2024_0689
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat OpenShift GitOps v1.11.\n\nRed Hat Product Security has rated this update as having a security impact of\nCritical. A Common Vulnerability Scoring System (CVSS) base score, which gives\na detailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Errata Advisory for Red Hat OpenShift GitOps v1.11.1.\n\nSecurity Fix(es):\n\n* argo-cd: vulnerable to a cross-server request forgery (CSRF) attack (CVE-2024-22424)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:0689", "url": "https://access.redhat.com/errata/RHSA-2024:0689" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "https://docs.openshift.com/gitops/1.11/release_notes/gitops-release-notes.html", "url": "https://docs.openshift.com/gitops/1.11/release_notes/gitops-release-notes.html" }, { "category": "external", "summary": "2259105", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259105" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0689.json" } ], "title": "Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps 1.11.1 security update", "tracking": { "current_release_date": "2024-11-06T04:56:16+00:00", "generator": { "date": "2024-11-06T04:56:16+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2024:0689", "initial_release_date": "2024-02-05T20:19:56+00:00", "revision_history": [ { "date": "2024-02-05T20:19:56+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-03-22T16:05:45+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-06T04:56:16+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", 
"name": "Red Hat OpenShift GitOps 1.11", "product": { "name": "Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift_gitops:1.11::el8" } } } ], "category": "product_family", "name": "Red Hat OpenShift GitOps" }, { "branches": [ { "category": "product_version", "name": "openshift-gitops-1/argocd-rhel8@sha256:9dd0b0138b8791e0f233242d0eb92f95326799339eea31c3874b7ed168b5d862_arm64", "product": { "name": "openshift-gitops-1/argocd-rhel8@sha256:9dd0b0138b8791e0f233242d0eb92f95326799339eea31c3874b7ed168b5d862_arm64", "product_id": "openshift-gitops-1/argocd-rhel8@sha256:9dd0b0138b8791e0f233242d0eb92f95326799339eea31c3874b7ed168b5d862_arm64", "product_identification_helper": { "purl": "pkg:oci/argocd-rhel8@sha256:9dd0b0138b8791e0f233242d0eb92f95326799339eea31c3874b7ed168b5d862?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.11.1-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:21f91c0f956e36a606219a73369103070ad6f9bff92a0af6ab152f93630197d0_arm64", "product": { "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:21f91c0f956e36a606219a73369103070ad6f9bff92a0af6ab152f93630197d0_arm64", "product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:21f91c0f956e36a606219a73369103070ad6f9bff92a0af6ab152f93630197d0_arm64", "product_identification_helper": { "purl": "pkg:oci/argo-rollouts-rhel8@sha256:21f91c0f956e36a606219a73369103070ad6f9bff92a0af6ab152f93630197d0?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.11.1-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/console-plugin-rhel8@sha256:aea44e2daf40038000892958f8b79698c1bef84384e7f5776b889d88c7c57735_arm64", "product": { "name": "openshift-gitops-1/console-plugin-rhel8@sha256:aea44e2daf40038000892958f8b79698c1bef84384e7f5776b889d88c7c57735_arm64", "product_id": 
"openshift-gitops-1/console-plugin-rhel8@sha256:aea44e2daf40038000892958f8b79698c1bef84384e7f5776b889d88c7c57735_arm64", "product_identification_helper": { "purl": "pkg:oci/console-plugin-rhel8@sha256:aea44e2daf40038000892958f8b79698c1bef84384e7f5776b889d88c7c57735?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.11.1-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8@sha256:59224fd2a6ff599816448c5115f85ffd625c9e36c56c71ad0a9770b2d84e284b_arm64", "product": { "name": "openshift-gitops-1/gitops-rhel8@sha256:59224fd2a6ff599816448c5115f85ffd625c9e36c56c71ad0a9770b2d84e284b_arm64", "product_id": "openshift-gitops-1/gitops-rhel8@sha256:59224fd2a6ff599816448c5115f85ffd625c9e36c56c71ad0a9770b2d84e284b_arm64", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8@sha256:59224fd2a6ff599816448c5115f85ffd625c9e36c56c71ad0a9770b2d84e284b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.11.1-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/dex-rhel8@sha256:f0a3e008e266c48c909b29721c3ae69eecd73d5582b801fea1b393dee40e6b72_arm64", "product": { "name": "openshift-gitops-1/dex-rhel8@sha256:f0a3e008e266c48c909b29721c3ae69eecd73d5582b801fea1b393dee40e6b72_arm64", "product_id": "openshift-gitops-1/dex-rhel8@sha256:f0a3e008e266c48c909b29721c3ae69eecd73d5582b801fea1b393dee40e6b72_arm64", "product_identification_helper": { "purl": "pkg:oci/dex-rhel8@sha256:f0a3e008e266c48c909b29721c3ae69eecd73d5582b801fea1b393dee40e6b72?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.11.1-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:e955471c4ff57c9b5f7d2e1e305f2e74983eb5576486c469473af4ba93bc3bd5_arm64", "product": { "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:e955471c4ff57c9b5f7d2e1e305f2e74983eb5576486c469473af4ba93bc3bd5_arm64", 
"product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:e955471c4ff57c9b5f7d2e1e305f2e74983eb5576486c469473af4ba93bc3bd5_arm64", "product_identification_helper": { "purl": "pkg:oci/kam-delivery-rhel8@sha256:e955471c4ff57c9b5f7d2e1e305f2e74983eb5576486c469473af4ba93bc3bd5?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.11.1-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/must-gather-rhel8@sha256:430e3fac540059d04cf2862f1e8d9ea20803d4924f1a65861d2e40517c17a196_arm64", "product": { "name": "openshift-gitops-1/must-gather-rhel8@sha256:430e3fac540059d04cf2862f1e8d9ea20803d4924f1a65861d2e40517c17a196_arm64", "product_id": "openshift-gitops-1/must-gather-rhel8@sha256:430e3fac540059d04cf2862f1e8d9ea20803d4924f1a65861d2e40517c17a196_arm64", "product_identification_helper": { "purl": "pkg:oci/must-gather-rhel8@sha256:430e3fac540059d04cf2862f1e8d9ea20803d4924f1a65861d2e40517c17a196?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.11.1-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:f35539fa04f8bf697a1f24c5a7b0ad0f3b610b8bfcc658f7d48d5bba9f50176f_arm64", "product": { "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:f35539fa04f8bf697a1f24c5a7b0ad0f3b610b8bfcc658f7d48d5bba9f50176f_arm64", "product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:f35539fa04f8bf697a1f24c5a7b0ad0f3b610b8bfcc658f7d48d5bba9f50176f_arm64", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8-operator@sha256:f35539fa04f8bf697a1f24c5a7b0ad0f3b610b8bfcc658f7d48d5bba9f50176f?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.11.1-1" } } } ], "category": "architecture", "name": "arm64" }, { "branches": [ { "category": "product_version", "name": 
"openshift-gitops-1/argocd-rhel8@sha256:8d4868feea21ebb9f1d4a3219d876f9389fa94b4d8e4dd85356f38e2a7135f8c_amd64", "product": { "name": "openshift-gitops-1/argocd-rhel8@sha256:8d4868feea21ebb9f1d4a3219d876f9389fa94b4d8e4dd85356f38e2a7135f8c_amd64", "product_id": "openshift-gitops-1/argocd-rhel8@sha256:8d4868feea21ebb9f1d4a3219d876f9389fa94b4d8e4dd85356f38e2a7135f8c_amd64", "product_identification_helper": { "purl": "pkg:oci/argocd-rhel8@sha256:8d4868feea21ebb9f1d4a3219d876f9389fa94b4d8e4dd85356f38e2a7135f8c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.11.1-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:a8dce9168cf03484a56aa862b7500bdb4a9e80a1ecd204fffa55f54909f487b2_amd64", "product": { "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:a8dce9168cf03484a56aa862b7500bdb4a9e80a1ecd204fffa55f54909f487b2_amd64", "product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:a8dce9168cf03484a56aa862b7500bdb4a9e80a1ecd204fffa55f54909f487b2_amd64", "product_identification_helper": { "purl": "pkg:oci/argo-rollouts-rhel8@sha256:a8dce9168cf03484a56aa862b7500bdb4a9e80a1ecd204fffa55f54909f487b2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.11.1-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/console-plugin-rhel8@sha256:32ce995c6dbdd506bff81400d41bc635a97a028d20ebdb19e59daa06225175ca_amd64", "product": { "name": "openshift-gitops-1/console-plugin-rhel8@sha256:32ce995c6dbdd506bff81400d41bc635a97a028d20ebdb19e59daa06225175ca_amd64", "product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:32ce995c6dbdd506bff81400d41bc635a97a028d20ebdb19e59daa06225175ca_amd64", "product_identification_helper": { "purl": 
"pkg:oci/console-plugin-rhel8@sha256:32ce995c6dbdd506bff81400d41bc635a97a028d20ebdb19e59daa06225175ca?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.11.1-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8@sha256:3ce832faf77207d00b943ab2ed51dbd5c79e988fc9dea8783090b287dd20849b_amd64", "product": { "name": "openshift-gitops-1/gitops-rhel8@sha256:3ce832faf77207d00b943ab2ed51dbd5c79e988fc9dea8783090b287dd20849b_amd64", "product_id": "openshift-gitops-1/gitops-rhel8@sha256:3ce832faf77207d00b943ab2ed51dbd5c79e988fc9dea8783090b287dd20849b_amd64", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8@sha256:3ce832faf77207d00b943ab2ed51dbd5c79e988fc9dea8783090b287dd20849b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.11.1-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/dex-rhel8@sha256:a8aab064c6d0198eab3e103d7f53789c882285b3770f08ebe634d95375a0e1a8_amd64", "product": { "name": "openshift-gitops-1/dex-rhel8@sha256:a8aab064c6d0198eab3e103d7f53789c882285b3770f08ebe634d95375a0e1a8_amd64", "product_id": "openshift-gitops-1/dex-rhel8@sha256:a8aab064c6d0198eab3e103d7f53789c882285b3770f08ebe634d95375a0e1a8_amd64", "product_identification_helper": { "purl": "pkg:oci/dex-rhel8@sha256:a8aab064c6d0198eab3e103d7f53789c882285b3770f08ebe634d95375a0e1a8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.11.1-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:5777a3d9ed2eb64e12a2d148b4740dcd25a447998c547bb969fd62261f796431_amd64", "product": { "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:5777a3d9ed2eb64e12a2d148b4740dcd25a447998c547bb969fd62261f796431_amd64", "product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:5777a3d9ed2eb64e12a2d148b4740dcd25a447998c547bb969fd62261f796431_amd64", "product_identification_helper": { 
"purl": "pkg:oci/kam-delivery-rhel8@sha256:5777a3d9ed2eb64e12a2d148b4740dcd25a447998c547bb969fd62261f796431?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.11.1-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/must-gather-rhel8@sha256:5a541be7dd4018fd8699be84cb43cc8d54777da835479a1e1afc63d4e790d046_amd64", "product": { "name": "openshift-gitops-1/must-gather-rhel8@sha256:5a541be7dd4018fd8699be84cb43cc8d54777da835479a1e1afc63d4e790d046_amd64", "product_id": "openshift-gitops-1/must-gather-rhel8@sha256:5a541be7dd4018fd8699be84cb43cc8d54777da835479a1e1afc63d4e790d046_amd64", "product_identification_helper": { "purl": "pkg:oci/must-gather-rhel8@sha256:5a541be7dd4018fd8699be84cb43cc8d54777da835479a1e1afc63d4e790d046?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.11.1-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-operator-bundle@sha256:421fe7d0784d75becc79de029884306a0ec893e6dc73d437b206881e0905009b_amd64", "product": { "name": "openshift-gitops-1/gitops-operator-bundle@sha256:421fe7d0784d75becc79de029884306a0ec893e6dc73d437b206881e0905009b_amd64", "product_id": "openshift-gitops-1/gitops-operator-bundle@sha256:421fe7d0784d75becc79de029884306a0ec893e6dc73d437b206881e0905009b_amd64", "product_identification_helper": { "purl": "pkg:oci/gitops-operator-bundle@sha256:421fe7d0784d75becc79de029884306a0ec893e6dc73d437b206881e0905009b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-operator-bundle\u0026tag=v1.11.1-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:2ae3ea80cba9cc322d4f964d3421bdc9bebf71021a08e617f76158a03629cbe0_amd64", "product": { "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:2ae3ea80cba9cc322d4f964d3421bdc9bebf71021a08e617f76158a03629cbe0_amd64", "product_id": 
"openshift-gitops-1/gitops-rhel8-operator@sha256:2ae3ea80cba9cc322d4f964d3421bdc9bebf71021a08e617f76158a03629cbe0_amd64", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8-operator@sha256:2ae3ea80cba9cc322d4f964d3421bdc9bebf71021a08e617f76158a03629cbe0?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.11.1-1" } } } ], "category": "architecture", "name": "amd64" }, { "branches": [ { "category": "product_version", "name": "openshift-gitops-1/argocd-rhel8@sha256:e435887e2da375262c6fc0176d6cebe3375ea2fbe1a086b035d84f61ecb1955e_ppc64le", "product": { "name": "openshift-gitops-1/argocd-rhel8@sha256:e435887e2da375262c6fc0176d6cebe3375ea2fbe1a086b035d84f61ecb1955e_ppc64le", "product_id": "openshift-gitops-1/argocd-rhel8@sha256:e435887e2da375262c6fc0176d6cebe3375ea2fbe1a086b035d84f61ecb1955e_ppc64le", "product_identification_helper": { "purl": "pkg:oci/argocd-rhel8@sha256:e435887e2da375262c6fc0176d6cebe3375ea2fbe1a086b035d84f61ecb1955e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.11.1-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:13c7dfadcd85576a2f79d704e28f2c916286464b806ce3328024281244423b01_ppc64le", "product": { "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:13c7dfadcd85576a2f79d704e28f2c916286464b806ce3328024281244423b01_ppc64le", "product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:13c7dfadcd85576a2f79d704e28f2c916286464b806ce3328024281244423b01_ppc64le", "product_identification_helper": { "purl": "pkg:oci/argo-rollouts-rhel8@sha256:13c7dfadcd85576a2f79d704e28f2c916286464b806ce3328024281244423b01?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.11.1-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/console-plugin-rhel8@sha256:d6d309447163c48e2b4760d6d1d53edba85d4c6a19d05a6f97e71d3ff6828ad8_ppc64le", "product": 
{ "name": "openshift-gitops-1/console-plugin-rhel8@sha256:d6d309447163c48e2b4760d6d1d53edba85d4c6a19d05a6f97e71d3ff6828ad8_ppc64le", "product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:d6d309447163c48e2b4760d6d1d53edba85d4c6a19d05a6f97e71d3ff6828ad8_ppc64le", "product_identification_helper": { "purl": "pkg:oci/console-plugin-rhel8@sha256:d6d309447163c48e2b4760d6d1d53edba85d4c6a19d05a6f97e71d3ff6828ad8?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.11.1-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8@sha256:f4b555a9c81f7472e140a0590f4817f2da4152c90d62d7e4a49c3b9d8b21ea4b_ppc64le", "product": { "name": "openshift-gitops-1/gitops-rhel8@sha256:f4b555a9c81f7472e140a0590f4817f2da4152c90d62d7e4a49c3b9d8b21ea4b_ppc64le", "product_id": "openshift-gitops-1/gitops-rhel8@sha256:f4b555a9c81f7472e140a0590f4817f2da4152c90d62d7e4a49c3b9d8b21ea4b_ppc64le", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8@sha256:f4b555a9c81f7472e140a0590f4817f2da4152c90d62d7e4a49c3b9d8b21ea4b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.11.1-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/dex-rhel8@sha256:14e6353f7e5aaec49c035ed9c03665c89629f442ba3eab09ef58032f884cfe5b_ppc64le", "product": { "name": "openshift-gitops-1/dex-rhel8@sha256:14e6353f7e5aaec49c035ed9c03665c89629f442ba3eab09ef58032f884cfe5b_ppc64le", "product_id": "openshift-gitops-1/dex-rhel8@sha256:14e6353f7e5aaec49c035ed9c03665c89629f442ba3eab09ef58032f884cfe5b_ppc64le", "product_identification_helper": { "purl": "pkg:oci/dex-rhel8@sha256:14e6353f7e5aaec49c035ed9c03665c89629f442ba3eab09ef58032f884cfe5b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.11.1-1" } } }, { "category": "product_version", "name": 
"openshift-gitops-1/kam-delivery-rhel8@sha256:89b0829b7e0afb66e65b0aa8c60f4d8c3adaf1cd1a0cfc30034dc6937f9556b3_ppc64le", "product": { "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:89b0829b7e0afb66e65b0aa8c60f4d8c3adaf1cd1a0cfc30034dc6937f9556b3_ppc64le", "product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:89b0829b7e0afb66e65b0aa8c60f4d8c3adaf1cd1a0cfc30034dc6937f9556b3_ppc64le", "product_identification_helper": { "purl": "pkg:oci/kam-delivery-rhel8@sha256:89b0829b7e0afb66e65b0aa8c60f4d8c3adaf1cd1a0cfc30034dc6937f9556b3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.11.1-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/must-gather-rhel8@sha256:46cc40820920270b820cd33c3212fb0faa1654a534787cc20f4b25946da3f14a_ppc64le", "product": { "name": "openshift-gitops-1/must-gather-rhel8@sha256:46cc40820920270b820cd33c3212fb0faa1654a534787cc20f4b25946da3f14a_ppc64le", "product_id": "openshift-gitops-1/must-gather-rhel8@sha256:46cc40820920270b820cd33c3212fb0faa1654a534787cc20f4b25946da3f14a_ppc64le", "product_identification_helper": { "purl": "pkg:oci/must-gather-rhel8@sha256:46cc40820920270b820cd33c3212fb0faa1654a534787cc20f4b25946da3f14a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.11.1-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:0df27fe434f68d063c32c7390f41048d2573e02b366537205a400286d4ae15ba_ppc64le", "product": { "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:0df27fe434f68d063c32c7390f41048d2573e02b366537205a400286d4ae15ba_ppc64le", "product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:0df27fe434f68d063c32c7390f41048d2573e02b366537205a400286d4ae15ba_ppc64le", "product_identification_helper": { "purl": 
"pkg:oci/gitops-rhel8-operator@sha256:0df27fe434f68d063c32c7390f41048d2573e02b366537205a400286d4ae15ba?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.11.1-1" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "openshift-gitops-1/argocd-rhel8@sha256:d297786472ffc986eb8f8a4868fb6a8c49c4361139482579a78323acc71ba3fb_s390x", "product": { "name": "openshift-gitops-1/argocd-rhel8@sha256:d297786472ffc986eb8f8a4868fb6a8c49c4361139482579a78323acc71ba3fb_s390x", "product_id": "openshift-gitops-1/argocd-rhel8@sha256:d297786472ffc986eb8f8a4868fb6a8c49c4361139482579a78323acc71ba3fb_s390x", "product_identification_helper": { "purl": "pkg:oci/argocd-rhel8@sha256:d297786472ffc986eb8f8a4868fb6a8c49c4361139482579a78323acc71ba3fb?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.11.1-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:6e7f6b372256c39b5a74810a491965ad1a89105f88e5f55ca3191afd930838ce_s390x", "product": { "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:6e7f6b372256c39b5a74810a491965ad1a89105f88e5f55ca3191afd930838ce_s390x", "product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:6e7f6b372256c39b5a74810a491965ad1a89105f88e5f55ca3191afd930838ce_s390x", "product_identification_helper": { "purl": "pkg:oci/argo-rollouts-rhel8@sha256:6e7f6b372256c39b5a74810a491965ad1a89105f88e5f55ca3191afd930838ce?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.11.1-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/console-plugin-rhel8@sha256:6c7c372b36170681c7f86399412faab8a26803e906d8bd390ecc7fa3f8ef1285_s390x", "product": { "name": "openshift-gitops-1/console-plugin-rhel8@sha256:6c7c372b36170681c7f86399412faab8a26803e906d8bd390ecc7fa3f8ef1285_s390x", "product_id": 
"openshift-gitops-1/console-plugin-rhel8@sha256:6c7c372b36170681c7f86399412faab8a26803e906d8bd390ecc7fa3f8ef1285_s390x", "product_identification_helper": { "purl": "pkg:oci/console-plugin-rhel8@sha256:6c7c372b36170681c7f86399412faab8a26803e906d8bd390ecc7fa3f8ef1285?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.11.1-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8@sha256:1bc463cbb8c066e703a3530b8a401f32e7414a426653099a2111a29bfac7c359_s390x", "product": { "name": "openshift-gitops-1/gitops-rhel8@sha256:1bc463cbb8c066e703a3530b8a401f32e7414a426653099a2111a29bfac7c359_s390x", "product_id": "openshift-gitops-1/gitops-rhel8@sha256:1bc463cbb8c066e703a3530b8a401f32e7414a426653099a2111a29bfac7c359_s390x", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8@sha256:1bc463cbb8c066e703a3530b8a401f32e7414a426653099a2111a29bfac7c359?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.11.1-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/dex-rhel8@sha256:de3c81e23a61b2b646f4849c0a8df96b42e0de1a702fc3e7c2fc534ac7a7779c_s390x", "product": { "name": "openshift-gitops-1/dex-rhel8@sha256:de3c81e23a61b2b646f4849c0a8df96b42e0de1a702fc3e7c2fc534ac7a7779c_s390x", "product_id": "openshift-gitops-1/dex-rhel8@sha256:de3c81e23a61b2b646f4849c0a8df96b42e0de1a702fc3e7c2fc534ac7a7779c_s390x", "product_identification_helper": { "purl": "pkg:oci/dex-rhel8@sha256:de3c81e23a61b2b646f4849c0a8df96b42e0de1a702fc3e7c2fc534ac7a7779c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.11.1-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:123e2a5cd70d4762fe3debb90666413f19f327f9a9cff28f24103033c3faa9d1_s390x", "product": { "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:123e2a5cd70d4762fe3debb90666413f19f327f9a9cff28f24103033c3faa9d1_s390x", 
"product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:123e2a5cd70d4762fe3debb90666413f19f327f9a9cff28f24103033c3faa9d1_s390x", "product_identification_helper": { "purl": "pkg:oci/kam-delivery-rhel8@sha256:123e2a5cd70d4762fe3debb90666413f19f327f9a9cff28f24103033c3faa9d1?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.11.1-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/must-gather-rhel8@sha256:1a02e5f8caffa0df5983e550b80440e33b4251cfe12307e0de7fdbbf68be6590_s390x", "product": { "name": "openshift-gitops-1/must-gather-rhel8@sha256:1a02e5f8caffa0df5983e550b80440e33b4251cfe12307e0de7fdbbf68be6590_s390x", "product_id": "openshift-gitops-1/must-gather-rhel8@sha256:1a02e5f8caffa0df5983e550b80440e33b4251cfe12307e0de7fdbbf68be6590_s390x", "product_identification_helper": { "purl": "pkg:oci/must-gather-rhel8@sha256:1a02e5f8caffa0df5983e550b80440e33b4251cfe12307e0de7fdbbf68be6590?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.11.1-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:267cf736e84991fa65b1b6a6b579b356ec6b11ef0c0b85342713415d9c7a8b7f_s390x", "product": { "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:267cf736e84991fa65b1b6a6b579b356ec6b11ef0c0b85342713415d9c7a8b7f_s390x", "product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:267cf736e84991fa65b1b6a6b579b356ec6b11ef0c0b85342713415d9c7a8b7f_s390x", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8-operator@sha256:267cf736e84991fa65b1b6a6b579b356ec6b11ef0c0b85342713415d9c7a8b7f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.11.1-1" } } } ], "category": "architecture", "name": "s390x" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": 
"openshift-gitops-1/argo-rollouts-rhel8@sha256:13c7dfadcd85576a2f79d704e28f2c916286464b806ce3328024281244423b01_ppc64le as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:13c7dfadcd85576a2f79d704e28f2c916286464b806ce3328024281244423b01_ppc64le" }, "product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:13c7dfadcd85576a2f79d704e28f2c916286464b806ce3328024281244423b01_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:21f91c0f956e36a606219a73369103070ad6f9bff92a0af6ab152f93630197d0_arm64 as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:21f91c0f956e36a606219a73369103070ad6f9bff92a0af6ab152f93630197d0_arm64" }, "product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:21f91c0f956e36a606219a73369103070ad6f9bff92a0af6ab152f93630197d0_arm64", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:6e7f6b372256c39b5a74810a491965ad1a89105f88e5f55ca3191afd930838ce_s390x as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:6e7f6b372256c39b5a74810a491965ad1a89105f88e5f55ca3191afd930838ce_s390x" }, "product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:6e7f6b372256c39b5a74810a491965ad1a89105f88e5f55ca3191afd930838ce_s390x", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:a8dce9168cf03484a56aa862b7500bdb4a9e80a1ecd204fffa55f54909f487b2_amd64 as a component of Red Hat OpenShift GitOps 1.11", "product_id": 
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:a8dce9168cf03484a56aa862b7500bdb4a9e80a1ecd204fffa55f54909f487b2_amd64" }, "product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:a8dce9168cf03484a56aa862b7500bdb4a9e80a1ecd204fffa55f54909f487b2_amd64", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/argocd-rhel8@sha256:8d4868feea21ebb9f1d4a3219d876f9389fa94b4d8e4dd85356f38e2a7135f8c_amd64 as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:8d4868feea21ebb9f1d4a3219d876f9389fa94b4d8e4dd85356f38e2a7135f8c_amd64" }, "product_reference": "openshift-gitops-1/argocd-rhel8@sha256:8d4868feea21ebb9f1d4a3219d876f9389fa94b4d8e4dd85356f38e2a7135f8c_amd64", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/argocd-rhel8@sha256:9dd0b0138b8791e0f233242d0eb92f95326799339eea31c3874b7ed168b5d862_arm64 as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:9dd0b0138b8791e0f233242d0eb92f95326799339eea31c3874b7ed168b5d862_arm64" }, "product_reference": "openshift-gitops-1/argocd-rhel8@sha256:9dd0b0138b8791e0f233242d0eb92f95326799339eea31c3874b7ed168b5d862_arm64", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/argocd-rhel8@sha256:d297786472ffc986eb8f8a4868fb6a8c49c4361139482579a78323acc71ba3fb_s390x as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:d297786472ffc986eb8f8a4868fb6a8c49c4361139482579a78323acc71ba3fb_s390x" }, "product_reference": "openshift-gitops-1/argocd-rhel8@sha256:d297786472ffc986eb8f8a4868fb6a8c49c4361139482579a78323acc71ba3fb_s390x", 
"relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/argocd-rhel8@sha256:e435887e2da375262c6fc0176d6cebe3375ea2fbe1a086b035d84f61ecb1955e_ppc64le as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:e435887e2da375262c6fc0176d6cebe3375ea2fbe1a086b035d84f61ecb1955e_ppc64le" }, "product_reference": "openshift-gitops-1/argocd-rhel8@sha256:e435887e2da375262c6fc0176d6cebe3375ea2fbe1a086b035d84f61ecb1955e_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/console-plugin-rhel8@sha256:32ce995c6dbdd506bff81400d41bc635a97a028d20ebdb19e59daa06225175ca_amd64 as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:32ce995c6dbdd506bff81400d41bc635a97a028d20ebdb19e59daa06225175ca_amd64" }, "product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:32ce995c6dbdd506bff81400d41bc635a97a028d20ebdb19e59daa06225175ca_amd64", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/console-plugin-rhel8@sha256:6c7c372b36170681c7f86399412faab8a26803e906d8bd390ecc7fa3f8ef1285_s390x as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:6c7c372b36170681c7f86399412faab8a26803e906d8bd390ecc7fa3f8ef1285_s390x" }, "product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:6c7c372b36170681c7f86399412faab8a26803e906d8bd390ecc7fa3f8ef1285_s390x", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/console-plugin-rhel8@sha256:aea44e2daf40038000892958f8b79698c1bef84384e7f5776b889d88c7c57735_arm64 as a 
component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:aea44e2daf40038000892958f8b79698c1bef84384e7f5776b889d88c7c57735_arm64" }, "product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:aea44e2daf40038000892958f8b79698c1bef84384e7f5776b889d88c7c57735_arm64", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/console-plugin-rhel8@sha256:d6d309447163c48e2b4760d6d1d53edba85d4c6a19d05a6f97e71d3ff6828ad8_ppc64le as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:d6d309447163c48e2b4760d6d1d53edba85d4c6a19d05a6f97e71d3ff6828ad8_ppc64le" }, "product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:d6d309447163c48e2b4760d6d1d53edba85d4c6a19d05a6f97e71d3ff6828ad8_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/dex-rhel8@sha256:14e6353f7e5aaec49c035ed9c03665c89629f442ba3eab09ef58032f884cfe5b_ppc64le as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:14e6353f7e5aaec49c035ed9c03665c89629f442ba3eab09ef58032f884cfe5b_ppc64le" }, "product_reference": "openshift-gitops-1/dex-rhel8@sha256:14e6353f7e5aaec49c035ed9c03665c89629f442ba3eab09ef58032f884cfe5b_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/dex-rhel8@sha256:a8aab064c6d0198eab3e103d7f53789c882285b3770f08ebe634d95375a0e1a8_amd64 as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:a8aab064c6d0198eab3e103d7f53789c882285b3770f08ebe634d95375a0e1a8_amd64" }, "product_reference": 
"openshift-gitops-1/dex-rhel8@sha256:a8aab064c6d0198eab3e103d7f53789c882285b3770f08ebe634d95375a0e1a8_amd64", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/dex-rhel8@sha256:de3c81e23a61b2b646f4849c0a8df96b42e0de1a702fc3e7c2fc534ac7a7779c_s390x as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:de3c81e23a61b2b646f4849c0a8df96b42e0de1a702fc3e7c2fc534ac7a7779c_s390x" }, "product_reference": "openshift-gitops-1/dex-rhel8@sha256:de3c81e23a61b2b646f4849c0a8df96b42e0de1a702fc3e7c2fc534ac7a7779c_s390x", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/dex-rhel8@sha256:f0a3e008e266c48c909b29721c3ae69eecd73d5582b801fea1b393dee40e6b72_arm64 as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:f0a3e008e266c48c909b29721c3ae69eecd73d5582b801fea1b393dee40e6b72_arm64" }, "product_reference": "openshift-gitops-1/dex-rhel8@sha256:f0a3e008e266c48c909b29721c3ae69eecd73d5582b801fea1b393dee40e6b72_arm64", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-operator-bundle@sha256:421fe7d0784d75becc79de029884306a0ec893e6dc73d437b206881e0905009b_amd64 as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/gitops-operator-bundle@sha256:421fe7d0784d75becc79de029884306a0ec893e6dc73d437b206881e0905009b_amd64" }, "product_reference": "openshift-gitops-1/gitops-operator-bundle@sha256:421fe7d0784d75becc79de029884306a0ec893e6dc73d437b206881e0905009b_amd64", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": 
"openshift-gitops-1/gitops-rhel8-operator@sha256:0df27fe434f68d063c32c7390f41048d2573e02b366537205a400286d4ae15ba_ppc64le as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:0df27fe434f68d063c32c7390f41048d2573e02b366537205a400286d4ae15ba_ppc64le" }, "product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:0df27fe434f68d063c32c7390f41048d2573e02b366537205a400286d4ae15ba_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:267cf736e84991fa65b1b6a6b579b356ec6b11ef0c0b85342713415d9c7a8b7f_s390x as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:267cf736e84991fa65b1b6a6b579b356ec6b11ef0c0b85342713415d9c7a8b7f_s390x" }, "product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:267cf736e84991fa65b1b6a6b579b356ec6b11ef0c0b85342713415d9c7a8b7f_s390x", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:2ae3ea80cba9cc322d4f964d3421bdc9bebf71021a08e617f76158a03629cbe0_amd64 as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:2ae3ea80cba9cc322d4f964d3421bdc9bebf71021a08e617f76158a03629cbe0_amd64" }, "product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:2ae3ea80cba9cc322d4f964d3421bdc9bebf71021a08e617f76158a03629cbe0_amd64", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:f35539fa04f8bf697a1f24c5a7b0ad0f3b610b8bfcc658f7d48d5bba9f50176f_arm64 as a component of Red Hat OpenShift GitOps 1.11", "product_id": 
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:f35539fa04f8bf697a1f24c5a7b0ad0f3b610b8bfcc658f7d48d5bba9f50176f_arm64" }, "product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:f35539fa04f8bf697a1f24c5a7b0ad0f3b610b8bfcc658f7d48d5bba9f50176f_arm64", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-rhel8@sha256:1bc463cbb8c066e703a3530b8a401f32e7414a426653099a2111a29bfac7c359_s390x as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:1bc463cbb8c066e703a3530b8a401f32e7414a426653099a2111a29bfac7c359_s390x" }, "product_reference": "openshift-gitops-1/gitops-rhel8@sha256:1bc463cbb8c066e703a3530b8a401f32e7414a426653099a2111a29bfac7c359_s390x", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-rhel8@sha256:3ce832faf77207d00b943ab2ed51dbd5c79e988fc9dea8783090b287dd20849b_amd64 as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:3ce832faf77207d00b943ab2ed51dbd5c79e988fc9dea8783090b287dd20849b_amd64" }, "product_reference": "openshift-gitops-1/gitops-rhel8@sha256:3ce832faf77207d00b943ab2ed51dbd5c79e988fc9dea8783090b287dd20849b_amd64", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-rhel8@sha256:59224fd2a6ff599816448c5115f85ffd625c9e36c56c71ad0a9770b2d84e284b_arm64 as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:59224fd2a6ff599816448c5115f85ffd625c9e36c56c71ad0a9770b2d84e284b_arm64" }, "product_reference": "openshift-gitops-1/gitops-rhel8@sha256:59224fd2a6ff599816448c5115f85ffd625c9e36c56c71ad0a9770b2d84e284b_arm64", 
"relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-rhel8@sha256:f4b555a9c81f7472e140a0590f4817f2da4152c90d62d7e4a49c3b9d8b21ea4b_ppc64le as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:f4b555a9c81f7472e140a0590f4817f2da4152c90d62d7e4a49c3b9d8b21ea4b_ppc64le" }, "product_reference": "openshift-gitops-1/gitops-rhel8@sha256:f4b555a9c81f7472e140a0590f4817f2da4152c90d62d7e4a49c3b9d8b21ea4b_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:123e2a5cd70d4762fe3debb90666413f19f327f9a9cff28f24103033c3faa9d1_s390x as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:123e2a5cd70d4762fe3debb90666413f19f327f9a9cff28f24103033c3faa9d1_s390x" }, "product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:123e2a5cd70d4762fe3debb90666413f19f327f9a9cff28f24103033c3faa9d1_s390x", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:5777a3d9ed2eb64e12a2d148b4740dcd25a447998c547bb969fd62261f796431_amd64 as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:5777a3d9ed2eb64e12a2d148b4740dcd25a447998c547bb969fd62261f796431_amd64" }, "product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:5777a3d9ed2eb64e12a2d148b4740dcd25a447998c547bb969fd62261f796431_amd64", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:89b0829b7e0afb66e65b0aa8c60f4d8c3adaf1cd1a0cfc30034dc6937f9556b3_ppc64le as a component 
of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:89b0829b7e0afb66e65b0aa8c60f4d8c3adaf1cd1a0cfc30034dc6937f9556b3_ppc64le" }, "product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:89b0829b7e0afb66e65b0aa8c60f4d8c3adaf1cd1a0cfc30034dc6937f9556b3_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:e955471c4ff57c9b5f7d2e1e305f2e74983eb5576486c469473af4ba93bc3bd5_arm64 as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:e955471c4ff57c9b5f7d2e1e305f2e74983eb5576486c469473af4ba93bc3bd5_arm64" }, "product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:e955471c4ff57c9b5f7d2e1e305f2e74983eb5576486c469473af4ba93bc3bd5_arm64", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/must-gather-rhel8@sha256:1a02e5f8caffa0df5983e550b80440e33b4251cfe12307e0de7fdbbf68be6590_s390x as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:1a02e5f8caffa0df5983e550b80440e33b4251cfe12307e0de7fdbbf68be6590_s390x" }, "product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:1a02e5f8caffa0df5983e550b80440e33b4251cfe12307e0de7fdbbf68be6590_s390x", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/must-gather-rhel8@sha256:430e3fac540059d04cf2862f1e8d9ea20803d4924f1a65861d2e40517c17a196_arm64 as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:430e3fac540059d04cf2862f1e8d9ea20803d4924f1a65861d2e40517c17a196_arm64" }, "product_reference": 
"openshift-gitops-1/must-gather-rhel8@sha256:430e3fac540059d04cf2862f1e8d9ea20803d4924f1a65861d2e40517c17a196_arm64", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/must-gather-rhel8@sha256:46cc40820920270b820cd33c3212fb0faa1654a534787cc20f4b25946da3f14a_ppc64le as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:46cc40820920270b820cd33c3212fb0faa1654a534787cc20f4b25946da3f14a_ppc64le" }, "product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:46cc40820920270b820cd33c3212fb0faa1654a534787cc20f4b25946da3f14a_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/must-gather-rhel8@sha256:5a541be7dd4018fd8699be84cb43cc8d54777da835479a1e1afc63d4e790d046_amd64 as a component of Red Hat OpenShift GitOps 1.11", "product_id": "8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:5a541be7dd4018fd8699be84cb43cc8d54777da835479a1e1afc63d4e790d046_amd64" }, "product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:5a541be7dd4018fd8699be84cb43cc8d54777da835479a1e1afc63d4e790d046_amd64", "relates_to_product_reference": "8Base-GitOps-1.11" } ] }, "vulnerabilities": [ { "cve": "CVE-2024-22424", "cwe": { "id": "CWE-352", "name": "Cross-Site Request Forgery (CSRF)" }, "discovery_date": "2024-01-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2259105" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Argo CD API before versions 2.10-rc2, 2.9.4, 2.8.8, and 2.7.15. These versions are vulnerable to a Cross-server request forgery (CSRF) attack when the attacker can write HTML to a page on the same parent domain as Argo CD. 
A CSRF attack works by tricking an authenticated Argo CD user into loading a web page that contains code to call Argo CD API endpoints on the victim\u2019s behalf.", "title": "Vulnerability description" }, { "category": "summary", "text": "argo-cd: vulnerable to a cross-server request forgery (CSRF) attack", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:13c7dfadcd85576a2f79d704e28f2c916286464b806ce3328024281244423b01_ppc64le", "8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:21f91c0f956e36a606219a73369103070ad6f9bff92a0af6ab152f93630197d0_arm64", "8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:6e7f6b372256c39b5a74810a491965ad1a89105f88e5f55ca3191afd930838ce_s390x", "8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:a8dce9168cf03484a56aa862b7500bdb4a9e80a1ecd204fffa55f54909f487b2_amd64", "8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:8d4868feea21ebb9f1d4a3219d876f9389fa94b4d8e4dd85356f38e2a7135f8c_amd64", "8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:9dd0b0138b8791e0f233242d0eb92f95326799339eea31c3874b7ed168b5d862_arm64", "8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:d297786472ffc986eb8f8a4868fb6a8c49c4361139482579a78323acc71ba3fb_s390x", "8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:e435887e2da375262c6fc0176d6cebe3375ea2fbe1a086b035d84f61ecb1955e_ppc64le", "8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:32ce995c6dbdd506bff81400d41bc635a97a028d20ebdb19e59daa06225175ca_amd64", 
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:6c7c372b36170681c7f86399412faab8a26803e906d8bd390ecc7fa3f8ef1285_s390x", "8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:aea44e2daf40038000892958f8b79698c1bef84384e7f5776b889d88c7c57735_arm64", "8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:d6d309447163c48e2b4760d6d1d53edba85d4c6a19d05a6f97e71d3ff6828ad8_ppc64le", "8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:14e6353f7e5aaec49c035ed9c03665c89629f442ba3eab09ef58032f884cfe5b_ppc64le", "8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:a8aab064c6d0198eab3e103d7f53789c882285b3770f08ebe634d95375a0e1a8_amd64", "8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:de3c81e23a61b2b646f4849c0a8df96b42e0de1a702fc3e7c2fc534ac7a7779c_s390x", "8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:f0a3e008e266c48c909b29721c3ae69eecd73d5582b801fea1b393dee40e6b72_arm64", "8Base-GitOps-1.11:openshift-gitops-1/gitops-operator-bundle@sha256:421fe7d0784d75becc79de029884306a0ec893e6dc73d437b206881e0905009b_amd64", "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:0df27fe434f68d063c32c7390f41048d2573e02b366537205a400286d4ae15ba_ppc64le", "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:267cf736e84991fa65b1b6a6b579b356ec6b11ef0c0b85342713415d9c7a8b7f_s390x", "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:2ae3ea80cba9cc322d4f964d3421bdc9bebf71021a08e617f76158a03629cbe0_amd64", "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:f35539fa04f8bf697a1f24c5a7b0ad0f3b610b8bfcc658f7d48d5bba9f50176f_arm64", "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:1bc463cbb8c066e703a3530b8a401f32e7414a426653099a2111a29bfac7c359_s390x", "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:3ce832faf77207d00b943ab2ed51dbd5c79e988fc9dea8783090b287dd20849b_amd64", 
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:59224fd2a6ff599816448c5115f85ffd625c9e36c56c71ad0a9770b2d84e284b_arm64", "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:f4b555a9c81f7472e140a0590f4817f2da4152c90d62d7e4a49c3b9d8b21ea4b_ppc64le", "8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:123e2a5cd70d4762fe3debb90666413f19f327f9a9cff28f24103033c3faa9d1_s390x", "8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:5777a3d9ed2eb64e12a2d148b4740dcd25a447998c547bb969fd62261f796431_amd64", "8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:89b0829b7e0afb66e65b0aa8c60f4d8c3adaf1cd1a0cfc30034dc6937f9556b3_ppc64le", "8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:e955471c4ff57c9b5f7d2e1e305f2e74983eb5576486c469473af4ba93bc3bd5_arm64", "8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:1a02e5f8caffa0df5983e550b80440e33b4251cfe12307e0de7fdbbf68be6590_s390x", "8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:430e3fac540059d04cf2862f1e8d9ea20803d4924f1a65861d2e40517c17a196_arm64", "8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:46cc40820920270b820cd33c3212fb0faa1654a534787cc20f4b25946da3f14a_ppc64le", "8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:5a541be7dd4018fd8699be84cb43cc8d54777da835479a1e1afc63d4e790d046_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-22424" }, { "category": "external", "summary": "RHBZ#2259105", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259105" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-22424", "url": "https://www.cve.org/CVERecord?id=CVE-2024-22424" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-22424", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22424" }, { "category": "external", "summary": "https://github.com/argoproj/argo-cd/issues/2496", 
"url": "https://github.com/argoproj/argo-cd/issues/2496" }, { "category": "external", "summary": "https://github.com/argoproj/argo-cd/pull/16860", "url": "https://github.com/argoproj/argo-cd/pull/16860" }, { "category": "external", "summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-92mw-q256-5vwg", "url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-92mw-q256-5vwg" } ], "release_date": "2024-01-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-05T20:19:56+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:13c7dfadcd85576a2f79d704e28f2c916286464b806ce3328024281244423b01_ppc64le", "8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:21f91c0f956e36a606219a73369103070ad6f9bff92a0af6ab152f93630197d0_arm64", "8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:6e7f6b372256c39b5a74810a491965ad1a89105f88e5f55ca3191afd930838ce_s390x", "8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:a8dce9168cf03484a56aa862b7500bdb4a9e80a1ecd204fffa55f54909f487b2_amd64", "8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:8d4868feea21ebb9f1d4a3219d876f9389fa94b4d8e4dd85356f38e2a7135f8c_amd64", "8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:9dd0b0138b8791e0f233242d0eb92f95326799339eea31c3874b7ed168b5d862_arm64", "8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:d297786472ffc986eb8f8a4868fb6a8c49c4361139482579a78323acc71ba3fb_s390x", "8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:e435887e2da375262c6fc0176d6cebe3375ea2fbe1a086b035d84f61ecb1955e_ppc64le", "8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:32ce995c6dbdd506bff81400d41bc635a97a028d20ebdb19e59daa06225175ca_amd64", 
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:6c7c372b36170681c7f86399412faab8a26803e906d8bd390ecc7fa3f8ef1285_s390x", "8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:aea44e2daf40038000892958f8b79698c1bef84384e7f5776b889d88c7c57735_arm64", "8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:d6d309447163c48e2b4760d6d1d53edba85d4c6a19d05a6f97e71d3ff6828ad8_ppc64le", "8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:14e6353f7e5aaec49c035ed9c03665c89629f442ba3eab09ef58032f884cfe5b_ppc64le", "8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:a8aab064c6d0198eab3e103d7f53789c882285b3770f08ebe634d95375a0e1a8_amd64", "8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:de3c81e23a61b2b646f4849c0a8df96b42e0de1a702fc3e7c2fc534ac7a7779c_s390x", "8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:f0a3e008e266c48c909b29721c3ae69eecd73d5582b801fea1b393dee40e6b72_arm64", "8Base-GitOps-1.11:openshift-gitops-1/gitops-operator-bundle@sha256:421fe7d0784d75becc79de029884306a0ec893e6dc73d437b206881e0905009b_amd64", "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:0df27fe434f68d063c32c7390f41048d2573e02b366537205a400286d4ae15ba_ppc64le", "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:267cf736e84991fa65b1b6a6b579b356ec6b11ef0c0b85342713415d9c7a8b7f_s390x", "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:2ae3ea80cba9cc322d4f964d3421bdc9bebf71021a08e617f76158a03629cbe0_amd64", "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:f35539fa04f8bf697a1f24c5a7b0ad0f3b610b8bfcc658f7d48d5bba9f50176f_arm64", "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:1bc463cbb8c066e703a3530b8a401f32e7414a426653099a2111a29bfac7c359_s390x", "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:3ce832faf77207d00b943ab2ed51dbd5c79e988fc9dea8783090b287dd20849b_amd64", 
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:59224fd2a6ff599816448c5115f85ffd625c9e36c56c71ad0a9770b2d84e284b_arm64", "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:f4b555a9c81f7472e140a0590f4817f2da4152c90d62d7e4a49c3b9d8b21ea4b_ppc64le", "8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:123e2a5cd70d4762fe3debb90666413f19f327f9a9cff28f24103033c3faa9d1_s390x", "8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:5777a3d9ed2eb64e12a2d148b4740dcd25a447998c547bb969fd62261f796431_amd64", "8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:89b0829b7e0afb66e65b0aa8c60f4d8c3adaf1cd1a0cfc30034dc6937f9556b3_ppc64le", "8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:e955471c4ff57c9b5f7d2e1e305f2e74983eb5576486c469473af4ba93bc3bd5_arm64", "8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:1a02e5f8caffa0df5983e550b80440e33b4251cfe12307e0de7fdbbf68be6590_s390x", "8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:430e3fac540059d04cf2862f1e8d9ea20803d4924f1a65861d2e40517c17a196_arm64", "8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:46cc40820920270b820cd33c3212fb0faa1654a534787cc20f4b25946da3f14a_ppc64le", "8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:5a541be7dd4018fd8699be84cb43cc8d54777da835479a1e1afc63d4e790d046_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0689" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ 
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:13c7dfadcd85576a2f79d704e28f2c916286464b806ce3328024281244423b01_ppc64le", "8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:21f91c0f956e36a606219a73369103070ad6f9bff92a0af6ab152f93630197d0_arm64", "8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:6e7f6b372256c39b5a74810a491965ad1a89105f88e5f55ca3191afd930838ce_s390x", "8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:a8dce9168cf03484a56aa862b7500bdb4a9e80a1ecd204fffa55f54909f487b2_amd64", "8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:8d4868feea21ebb9f1d4a3219d876f9389fa94b4d8e4dd85356f38e2a7135f8c_amd64", "8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:9dd0b0138b8791e0f233242d0eb92f95326799339eea31c3874b7ed168b5d862_arm64", "8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:d297786472ffc986eb8f8a4868fb6a8c49c4361139482579a78323acc71ba3fb_s390x", "8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:e435887e2da375262c6fc0176d6cebe3375ea2fbe1a086b035d84f61ecb1955e_ppc64le", "8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:32ce995c6dbdd506bff81400d41bc635a97a028d20ebdb19e59daa06225175ca_amd64", "8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:6c7c372b36170681c7f86399412faab8a26803e906d8bd390ecc7fa3f8ef1285_s390x", "8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:aea44e2daf40038000892958f8b79698c1bef84384e7f5776b889d88c7c57735_arm64", "8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:d6d309447163c48e2b4760d6d1d53edba85d4c6a19d05a6f97e71d3ff6828ad8_ppc64le", "8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:14e6353f7e5aaec49c035ed9c03665c89629f442ba3eab09ef58032f884cfe5b_ppc64le", "8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:a8aab064c6d0198eab3e103d7f53789c882285b3770f08ebe634d95375a0e1a8_amd64", 
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:de3c81e23a61b2b646f4849c0a8df96b42e0de1a702fc3e7c2fc534ac7a7779c_s390x", "8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:f0a3e008e266c48c909b29721c3ae69eecd73d5582b801fea1b393dee40e6b72_arm64", "8Base-GitOps-1.11:openshift-gitops-1/gitops-operator-bundle@sha256:421fe7d0784d75becc79de029884306a0ec893e6dc73d437b206881e0905009b_amd64", "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:0df27fe434f68d063c32c7390f41048d2573e02b366537205a400286d4ae15ba_ppc64le", "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:267cf736e84991fa65b1b6a6b579b356ec6b11ef0c0b85342713415d9c7a8b7f_s390x", "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:2ae3ea80cba9cc322d4f964d3421bdc9bebf71021a08e617f76158a03629cbe0_amd64", "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:f35539fa04f8bf697a1f24c5a7b0ad0f3b610b8bfcc658f7d48d5bba9f50176f_arm64", "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:1bc463cbb8c066e703a3530b8a401f32e7414a426653099a2111a29bfac7c359_s390x", "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:3ce832faf77207d00b943ab2ed51dbd5c79e988fc9dea8783090b287dd20849b_amd64", "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:59224fd2a6ff599816448c5115f85ffd625c9e36c56c71ad0a9770b2d84e284b_arm64", "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:f4b555a9c81f7472e140a0590f4817f2da4152c90d62d7e4a49c3b9d8b21ea4b_ppc64le", "8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:123e2a5cd70d4762fe3debb90666413f19f327f9a9cff28f24103033c3faa9d1_s390x", "8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:5777a3d9ed2eb64e12a2d148b4740dcd25a447998c547bb969fd62261f796431_amd64", "8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:89b0829b7e0afb66e65b0aa8c60f4d8c3adaf1cd1a0cfc30034dc6937f9556b3_ppc64le", 
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:e955471c4ff57c9b5f7d2e1e305f2e74983eb5576486c469473af4ba93bc3bd5_arm64", "8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:1a02e5f8caffa0df5983e550b80440e33b4251cfe12307e0de7fdbbf68be6590_s390x", "8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:430e3fac540059d04cf2862f1e8d9ea20803d4924f1a65861d2e40517c17a196_arm64", "8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:46cc40820920270b820cd33c3212fb0faa1654a534787cc20f4b25946da3f14a_ppc64le", "8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:5a541be7dd4018fd8699be84cb43cc8d54777da835479a1e1afc63d4e790d046_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "argo-cd: vulnerable to a cross-server request forgery (CSRF) attack" } ] }
rhsa-2024_0692
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat OpenShift GitOps v1.10.2.\n\nRed Hat Product Security has rated this update as having a security impact of\nCritical. A Common Vulnerability Scoring System (CVSS) base score, which gives\na detailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Errata Advisory for Red Hat OpenShift GitOps v1.10.2.\n\nSecurity Fix(es):\n\n* argo-cd: vulnerable to a cross-server request forgery (CSRF)\nattack (CVE-2024-22424)\n\n* go-git: Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients (CVE-2023-49569)\n\n* go-git: Maliciously crafted Git server replies can cause DoS on go-git clients (CVE-2023-49568)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE page(s)\nlisted in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:0692", "url": "https://access.redhat.com/errata/RHSA-2024:0692" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "https://docs.openshift.com/gitops/1.10/understanding_openshift_gitops/about-redhat-openshift-gitops.html", "url": "https://docs.openshift.com/gitops/1.10/understanding_openshift_gitops/about-redhat-openshift-gitops.html" }, { "category": "external", "summary": "2258143", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258143" }, { "category": "external", "summary": "2258165", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258165" }, { "category": "external", "summary": "2259105", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259105" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0692.json" } ], "title": "Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps 1.10.2 security update", "tracking": { "current_release_date": "2024-11-11T20:17:40+00:00", "generator": { "date": "2024-11-11T20:17:40+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2024:0692", "initial_release_date": "2024-02-05T20:41:28+00:00", "revision_history": [ { "date": "2024-02-05T20:41:28+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-03-22T16:04:12+00:00", 
"number": "2", "summary": "Last updated version" }, { "date": "2024-11-11T20:17:40+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat OpenShift GitOps 1.10", "product": { "name": "Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift_gitops:1.10::el8" } } } ], "category": "product_family", "name": "Red Hat OpenShift GitOps" }, { "branches": [ { "category": "product_version", "name": "openshift-gitops-1/argocd-rhel8@sha256:5533770b712f4be8cbeb9e9333d6ca965f3399b2f95000ec25b79e15cb3d2488_s390x", "product": { "name": "openshift-gitops-1/argocd-rhel8@sha256:5533770b712f4be8cbeb9e9333d6ca965f3399b2f95000ec25b79e15cb3d2488_s390x", "product_id": "openshift-gitops-1/argocd-rhel8@sha256:5533770b712f4be8cbeb9e9333d6ca965f3399b2f95000ec25b79e15cb3d2488_s390x", "product_identification_helper": { "purl": "pkg:oci/argocd-rhel8@sha256:5533770b712f4be8cbeb9e9333d6ca965f3399b2f95000ec25b79e15cb3d2488?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.10.2-2" } } }, { "category": "product_version", "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:0d7f359ac63b8a4409990cfe083ca23a108fd3f6ea8d1bd36c6566181d9dcd8a_s390x", "product": { "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:0d7f359ac63b8a4409990cfe083ca23a108fd3f6ea8d1bd36c6566181d9dcd8a_s390x", "product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:0d7f359ac63b8a4409990cfe083ca23a108fd3f6ea8d1bd36c6566181d9dcd8a_s390x", "product_identification_helper": { "purl": "pkg:oci/argo-rollouts-rhel8@sha256:0d7f359ac63b8a4409990cfe083ca23a108fd3f6ea8d1bd36c6566181d9dcd8a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.10.2-2" } } }, { "category": "product_version", "name": 
"openshift-gitops-1/console-plugin-rhel8@sha256:d409129e5af678a5a8073b8a973556944c05701a6f8a1c128fb7613b6998b15c_s390x", "product": { "name": "openshift-gitops-1/console-plugin-rhel8@sha256:d409129e5af678a5a8073b8a973556944c05701a6f8a1c128fb7613b6998b15c_s390x", "product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:d409129e5af678a5a8073b8a973556944c05701a6f8a1c128fb7613b6998b15c_s390x", "product_identification_helper": { "purl": "pkg:oci/console-plugin-rhel8@sha256:d409129e5af678a5a8073b8a973556944c05701a6f8a1c128fb7613b6998b15c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.10.2-2" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8@sha256:62982ae8c97406319475b6ecac08405103647fa260d1d8ffb615c10ed96e9823_s390x", "product": { "name": "openshift-gitops-1/gitops-rhel8@sha256:62982ae8c97406319475b6ecac08405103647fa260d1d8ffb615c10ed96e9823_s390x", "product_id": "openshift-gitops-1/gitops-rhel8@sha256:62982ae8c97406319475b6ecac08405103647fa260d1d8ffb615c10ed96e9823_s390x", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8@sha256:62982ae8c97406319475b6ecac08405103647fa260d1d8ffb615c10ed96e9823?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.10.2-2" } } }, { "category": "product_version", "name": "openshift-gitops-1/dex-rhel8@sha256:84974ed36e68173fc02e18159240b019cc0fbf9409e99e32ca9138750f0a03b3_s390x", "product": { "name": "openshift-gitops-1/dex-rhel8@sha256:84974ed36e68173fc02e18159240b019cc0fbf9409e99e32ca9138750f0a03b3_s390x", "product_id": "openshift-gitops-1/dex-rhel8@sha256:84974ed36e68173fc02e18159240b019cc0fbf9409e99e32ca9138750f0a03b3_s390x", "product_identification_helper": { "purl": "pkg:oci/dex-rhel8@sha256:84974ed36e68173fc02e18159240b019cc0fbf9409e99e32ca9138750f0a03b3?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.10.2-2" } } }, { "category": "product_version", 
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:194c7209f7423288d0a7d219165f367561356bc0f1a9dd08452e4e8b23d4d046_s390x", "product": { "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:194c7209f7423288d0a7d219165f367561356bc0f1a9dd08452e4e8b23d4d046_s390x", "product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:194c7209f7423288d0a7d219165f367561356bc0f1a9dd08452e4e8b23d4d046_s390x", "product_identification_helper": { "purl": "pkg:oci/kam-delivery-rhel8@sha256:194c7209f7423288d0a7d219165f367561356bc0f1a9dd08452e4e8b23d4d046?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.10.2-2" } } }, { "category": "product_version", "name": "openshift-gitops-1/must-gather-rhel8@sha256:1f7304d7790306cabf52a938573f4d356e529f3317495ac724a75e4012ed387b_s390x", "product": { "name": "openshift-gitops-1/must-gather-rhel8@sha256:1f7304d7790306cabf52a938573f4d356e529f3317495ac724a75e4012ed387b_s390x", "product_id": "openshift-gitops-1/must-gather-rhel8@sha256:1f7304d7790306cabf52a938573f4d356e529f3317495ac724a75e4012ed387b_s390x", "product_identification_helper": { "purl": "pkg:oci/must-gather-rhel8@sha256:1f7304d7790306cabf52a938573f4d356e529f3317495ac724a75e4012ed387b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.10.2-2" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:24957afa1e02946318a742bd0d8a952480eef95191a7042acf3bd2d5acaba1a4_s390x", "product": { "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:24957afa1e02946318a742bd0d8a952480eef95191a7042acf3bd2d5acaba1a4_s390x", "product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:24957afa1e02946318a742bd0d8a952480eef95191a7042acf3bd2d5acaba1a4_s390x", "product_identification_helper": { "purl": 
"pkg:oci/gitops-rhel8-operator@sha256:24957afa1e02946318a742bd0d8a952480eef95191a7042acf3bd2d5acaba1a4?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.10.2-2" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "openshift-gitops-1/argocd-rhel8@sha256:6a5b94652937a1e328f2a696ec16a9f6cd46e3f9d80c0e37d2b8a65a3f6b7c94_arm64", "product": { "name": "openshift-gitops-1/argocd-rhel8@sha256:6a5b94652937a1e328f2a696ec16a9f6cd46e3f9d80c0e37d2b8a65a3f6b7c94_arm64", "product_id": "openshift-gitops-1/argocd-rhel8@sha256:6a5b94652937a1e328f2a696ec16a9f6cd46e3f9d80c0e37d2b8a65a3f6b7c94_arm64", "product_identification_helper": { "purl": "pkg:oci/argocd-rhel8@sha256:6a5b94652937a1e328f2a696ec16a9f6cd46e3f9d80c0e37d2b8a65a3f6b7c94?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.10.2-2" } } }, { "category": "product_version", "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:176051467cd043fb8be19f955774b7d86db1e8e04c2b696fdba1f2bf38607ba2_arm64", "product": { "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:176051467cd043fb8be19f955774b7d86db1e8e04c2b696fdba1f2bf38607ba2_arm64", "product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:176051467cd043fb8be19f955774b7d86db1e8e04c2b696fdba1f2bf38607ba2_arm64", "product_identification_helper": { "purl": "pkg:oci/argo-rollouts-rhel8@sha256:176051467cd043fb8be19f955774b7d86db1e8e04c2b696fdba1f2bf38607ba2?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.10.2-2" } } }, { "category": "product_version", "name": "openshift-gitops-1/console-plugin-rhel8@sha256:1cee897edd81a6074b9f419830bf827d26d57c2e92985ab173523fafd29d43d9_arm64", "product": { "name": "openshift-gitops-1/console-plugin-rhel8@sha256:1cee897edd81a6074b9f419830bf827d26d57c2e92985ab173523fafd29d43d9_arm64", "product_id": 
"openshift-gitops-1/console-plugin-rhel8@sha256:1cee897edd81a6074b9f419830bf827d26d57c2e92985ab173523fafd29d43d9_arm64", "product_identification_helper": { "purl": "pkg:oci/console-plugin-rhel8@sha256:1cee897edd81a6074b9f419830bf827d26d57c2e92985ab173523fafd29d43d9?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.10.2-2" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8@sha256:1cd5828e815804cd263b03943845d86b50af6e83e50862a2f9afa5d68502df45_arm64", "product": { "name": "openshift-gitops-1/gitops-rhel8@sha256:1cd5828e815804cd263b03943845d86b50af6e83e50862a2f9afa5d68502df45_arm64", "product_id": "openshift-gitops-1/gitops-rhel8@sha256:1cd5828e815804cd263b03943845d86b50af6e83e50862a2f9afa5d68502df45_arm64", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8@sha256:1cd5828e815804cd263b03943845d86b50af6e83e50862a2f9afa5d68502df45?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.10.2-2" } } }, { "category": "product_version", "name": "openshift-gitops-1/dex-rhel8@sha256:07a4fa68489c0c0a9146a86d459467b572701e90615ac464aef0bd004c023e35_arm64", "product": { "name": "openshift-gitops-1/dex-rhel8@sha256:07a4fa68489c0c0a9146a86d459467b572701e90615ac464aef0bd004c023e35_arm64", "product_id": "openshift-gitops-1/dex-rhel8@sha256:07a4fa68489c0c0a9146a86d459467b572701e90615ac464aef0bd004c023e35_arm64", "product_identification_helper": { "purl": "pkg:oci/dex-rhel8@sha256:07a4fa68489c0c0a9146a86d459467b572701e90615ac464aef0bd004c023e35?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.10.2-2" } } }, { "category": "product_version", "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:9426722272fa084e9a65218e11b70ed80c7ce3a614a65f1b0d67b6820edc09de_arm64", "product": { "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:9426722272fa084e9a65218e11b70ed80c7ce3a614a65f1b0d67b6820edc09de_arm64", 
"product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:9426722272fa084e9a65218e11b70ed80c7ce3a614a65f1b0d67b6820edc09de_arm64", "product_identification_helper": { "purl": "pkg:oci/kam-delivery-rhel8@sha256:9426722272fa084e9a65218e11b70ed80c7ce3a614a65f1b0d67b6820edc09de?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.10.2-2" } } }, { "category": "product_version", "name": "openshift-gitops-1/must-gather-rhel8@sha256:595524a658d71e31dca3a58d0b88769e34a8283980744984ec4105460515bd81_arm64", "product": { "name": "openshift-gitops-1/must-gather-rhel8@sha256:595524a658d71e31dca3a58d0b88769e34a8283980744984ec4105460515bd81_arm64", "product_id": "openshift-gitops-1/must-gather-rhel8@sha256:595524a658d71e31dca3a58d0b88769e34a8283980744984ec4105460515bd81_arm64", "product_identification_helper": { "purl": "pkg:oci/must-gather-rhel8@sha256:595524a658d71e31dca3a58d0b88769e34a8283980744984ec4105460515bd81?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.10.2-2" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:4b9fabb5a3b6dca56f224e949ed896ebda71e0a95f84eefa0513131e4fc7be13_arm64", "product": { "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:4b9fabb5a3b6dca56f224e949ed896ebda71e0a95f84eefa0513131e4fc7be13_arm64", "product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:4b9fabb5a3b6dca56f224e949ed896ebda71e0a95f84eefa0513131e4fc7be13_arm64", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8-operator@sha256:4b9fabb5a3b6dca56f224e949ed896ebda71e0a95f84eefa0513131e4fc7be13?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.10.2-2" } } } ], "category": "architecture", "name": "arm64" }, { "branches": [ { "category": "product_version", "name": 
"openshift-gitops-1/argocd-rhel8@sha256:553cce4966543b941e25502d6bd6f206e16ff6719c6293c928427551032ea39f_amd64", "product": { "name": "openshift-gitops-1/argocd-rhel8@sha256:553cce4966543b941e25502d6bd6f206e16ff6719c6293c928427551032ea39f_amd64", "product_id": "openshift-gitops-1/argocd-rhel8@sha256:553cce4966543b941e25502d6bd6f206e16ff6719c6293c928427551032ea39f_amd64", "product_identification_helper": { "purl": "pkg:oci/argocd-rhel8@sha256:553cce4966543b941e25502d6bd6f206e16ff6719c6293c928427551032ea39f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.10.2-2" } } }, { "category": "product_version", "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:0f7bfd12844a8a085389f1e83710771bbb773c45b4831db097baf3f9ee6fbfea_amd64", "product": { "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:0f7bfd12844a8a085389f1e83710771bbb773c45b4831db097baf3f9ee6fbfea_amd64", "product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:0f7bfd12844a8a085389f1e83710771bbb773c45b4831db097baf3f9ee6fbfea_amd64", "product_identification_helper": { "purl": "pkg:oci/argo-rollouts-rhel8@sha256:0f7bfd12844a8a085389f1e83710771bbb773c45b4831db097baf3f9ee6fbfea?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.10.2-2" } } }, { "category": "product_version", "name": "openshift-gitops-1/console-plugin-rhel8@sha256:b7fa6ddd7db480c140c0915e2eace3bbe2908e6976c9c326ca3895c5e28a26ef_amd64", "product": { "name": "openshift-gitops-1/console-plugin-rhel8@sha256:b7fa6ddd7db480c140c0915e2eace3bbe2908e6976c9c326ca3895c5e28a26ef_amd64", "product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:b7fa6ddd7db480c140c0915e2eace3bbe2908e6976c9c326ca3895c5e28a26ef_amd64", "product_identification_helper": { "purl": 
"pkg:oci/console-plugin-rhel8@sha256:b7fa6ddd7db480c140c0915e2eace3bbe2908e6976c9c326ca3895c5e28a26ef?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.10.2-2" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8@sha256:736e44bfa058eb2daa436d657def53198269b1017e0a4f188ce3361ded6289ea_amd64", "product": { "name": "openshift-gitops-1/gitops-rhel8@sha256:736e44bfa058eb2daa436d657def53198269b1017e0a4f188ce3361ded6289ea_amd64", "product_id": "openshift-gitops-1/gitops-rhel8@sha256:736e44bfa058eb2daa436d657def53198269b1017e0a4f188ce3361ded6289ea_amd64", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8@sha256:736e44bfa058eb2daa436d657def53198269b1017e0a4f188ce3361ded6289ea?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.10.2-2" } } }, { "category": "product_version", "name": "openshift-gitops-1/dex-rhel8@sha256:ef48a70c736ca8e34f47ed22faea4661dbbee4599ea2ee3eecfb5a8b36c7cf28_amd64", "product": { "name": "openshift-gitops-1/dex-rhel8@sha256:ef48a70c736ca8e34f47ed22faea4661dbbee4599ea2ee3eecfb5a8b36c7cf28_amd64", "product_id": "openshift-gitops-1/dex-rhel8@sha256:ef48a70c736ca8e34f47ed22faea4661dbbee4599ea2ee3eecfb5a8b36c7cf28_amd64", "product_identification_helper": { "purl": "pkg:oci/dex-rhel8@sha256:ef48a70c736ca8e34f47ed22faea4661dbbee4599ea2ee3eecfb5a8b36c7cf28?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.10.2-2" } } }, { "category": "product_version", "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:1cf22055695a55462fd1701f61fdea77162c6c601248b82ee4e688dfb76b1949_amd64", "product": { "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:1cf22055695a55462fd1701f61fdea77162c6c601248b82ee4e688dfb76b1949_amd64", "product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:1cf22055695a55462fd1701f61fdea77162c6c601248b82ee4e688dfb76b1949_amd64", "product_identification_helper": { 
"purl": "pkg:oci/kam-delivery-rhel8@sha256:1cf22055695a55462fd1701f61fdea77162c6c601248b82ee4e688dfb76b1949?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.10.2-2" } } }, { "category": "product_version", "name": "openshift-gitops-1/must-gather-rhel8@sha256:ee1aec3cfa415a2135797d4beb1795948c98ecdc0e568b9c6f8c3d8bc31eb1ae_amd64", "product": { "name": "openshift-gitops-1/must-gather-rhel8@sha256:ee1aec3cfa415a2135797d4beb1795948c98ecdc0e568b9c6f8c3d8bc31eb1ae_amd64", "product_id": "openshift-gitops-1/must-gather-rhel8@sha256:ee1aec3cfa415a2135797d4beb1795948c98ecdc0e568b9c6f8c3d8bc31eb1ae_amd64", "product_identification_helper": { "purl": "pkg:oci/must-gather-rhel8@sha256:ee1aec3cfa415a2135797d4beb1795948c98ecdc0e568b9c6f8c3d8bc31eb1ae?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.10.2-2" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-operator-bundle@sha256:068284fc4f37d48851394b4f966065cec1abb8b8f291f147a02d932f151bd5bd_amd64", "product": { "name": "openshift-gitops-1/gitops-operator-bundle@sha256:068284fc4f37d48851394b4f966065cec1abb8b8f291f147a02d932f151bd5bd_amd64", "product_id": "openshift-gitops-1/gitops-operator-bundle@sha256:068284fc4f37d48851394b4f966065cec1abb8b8f291f147a02d932f151bd5bd_amd64", "product_identification_helper": { "purl": "pkg:oci/gitops-operator-bundle@sha256:068284fc4f37d48851394b4f966065cec1abb8b8f291f147a02d932f151bd5bd?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-operator-bundle\u0026tag=v1.10.2-2" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:3effdb2fffcce607ceca00b06198b01377f5a3d504a23f0e4d797a41589ee5d5_amd64", "product": { "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:3effdb2fffcce607ceca00b06198b01377f5a3d504a23f0e4d797a41589ee5d5_amd64", "product_id": 
"openshift-gitops-1/gitops-rhel8-operator@sha256:3effdb2fffcce607ceca00b06198b01377f5a3d504a23f0e4d797a41589ee5d5_amd64", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8-operator@sha256:3effdb2fffcce607ceca00b06198b01377f5a3d504a23f0e4d797a41589ee5d5?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.10.2-2" } } } ], "category": "architecture", "name": "amd64" }, { "branches": [ { "category": "product_version", "name": "openshift-gitops-1/argocd-rhel8@sha256:1e6c0ade5679cef406fa40d60dbe33d43cee40c63cc26340cf134fd6f27bbf2f_ppc64le", "product": { "name": "openshift-gitops-1/argocd-rhel8@sha256:1e6c0ade5679cef406fa40d60dbe33d43cee40c63cc26340cf134fd6f27bbf2f_ppc64le", "product_id": "openshift-gitops-1/argocd-rhel8@sha256:1e6c0ade5679cef406fa40d60dbe33d43cee40c63cc26340cf134fd6f27bbf2f_ppc64le", "product_identification_helper": { "purl": "pkg:oci/argocd-rhel8@sha256:1e6c0ade5679cef406fa40d60dbe33d43cee40c63cc26340cf134fd6f27bbf2f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.10.2-2" } } }, { "category": "product_version", "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:e01da16ac5214203a64214949fc6cfc594dd2ba7735e4b87164307d49826b06d_ppc64le", "product": { "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:e01da16ac5214203a64214949fc6cfc594dd2ba7735e4b87164307d49826b06d_ppc64le", "product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:e01da16ac5214203a64214949fc6cfc594dd2ba7735e4b87164307d49826b06d_ppc64le", "product_identification_helper": { "purl": "pkg:oci/argo-rollouts-rhel8@sha256:e01da16ac5214203a64214949fc6cfc594dd2ba7735e4b87164307d49826b06d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.10.2-2" } } }, { "category": "product_version", "name": "openshift-gitops-1/console-plugin-rhel8@sha256:6bc125652fcbe50f1a4e6b575e964ce32c79cdab0f2ac2f67e9823c99b5bb8cc_ppc64le", "product": 
{ "name": "openshift-gitops-1/console-plugin-rhel8@sha256:6bc125652fcbe50f1a4e6b575e964ce32c79cdab0f2ac2f67e9823c99b5bb8cc_ppc64le", "product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:6bc125652fcbe50f1a4e6b575e964ce32c79cdab0f2ac2f67e9823c99b5bb8cc_ppc64le", "product_identification_helper": { "purl": "pkg:oci/console-plugin-rhel8@sha256:6bc125652fcbe50f1a4e6b575e964ce32c79cdab0f2ac2f67e9823c99b5bb8cc?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.10.2-2" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8@sha256:84b7f4574e1b0dd6df243c0d0f2cb0fbee7c86b85ba377e800f8381ed283391e_ppc64le", "product": { "name": "openshift-gitops-1/gitops-rhel8@sha256:84b7f4574e1b0dd6df243c0d0f2cb0fbee7c86b85ba377e800f8381ed283391e_ppc64le", "product_id": "openshift-gitops-1/gitops-rhel8@sha256:84b7f4574e1b0dd6df243c0d0f2cb0fbee7c86b85ba377e800f8381ed283391e_ppc64le", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8@sha256:84b7f4574e1b0dd6df243c0d0f2cb0fbee7c86b85ba377e800f8381ed283391e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.10.2-2" } } }, { "category": "product_version", "name": "openshift-gitops-1/dex-rhel8@sha256:897dd9a0a82aa69f2f199133d2e2c02c3b3572ff77de69da5ea09041f6d986fe_ppc64le", "product": { "name": "openshift-gitops-1/dex-rhel8@sha256:897dd9a0a82aa69f2f199133d2e2c02c3b3572ff77de69da5ea09041f6d986fe_ppc64le", "product_id": "openshift-gitops-1/dex-rhel8@sha256:897dd9a0a82aa69f2f199133d2e2c02c3b3572ff77de69da5ea09041f6d986fe_ppc64le", "product_identification_helper": { "purl": "pkg:oci/dex-rhel8@sha256:897dd9a0a82aa69f2f199133d2e2c02c3b3572ff77de69da5ea09041f6d986fe?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.10.2-2" } } }, { "category": "product_version", "name": 
"openshift-gitops-1/kam-delivery-rhel8@sha256:32c8bf92454a20f6e0f7458f781acaa807f4943ad74b6c5d005db441166290b0_ppc64le", "product": { "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:32c8bf92454a20f6e0f7458f781acaa807f4943ad74b6c5d005db441166290b0_ppc64le", "product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:32c8bf92454a20f6e0f7458f781acaa807f4943ad74b6c5d005db441166290b0_ppc64le", "product_identification_helper": { "purl": "pkg:oci/kam-delivery-rhel8@sha256:32c8bf92454a20f6e0f7458f781acaa807f4943ad74b6c5d005db441166290b0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.10.2-2" } } }, { "category": "product_version", "name": "openshift-gitops-1/must-gather-rhel8@sha256:34659d09f4fa02893009641926ae256d21a6bf5632263719c488803bfaa261c4_ppc64le", "product": { "name": "openshift-gitops-1/must-gather-rhel8@sha256:34659d09f4fa02893009641926ae256d21a6bf5632263719c488803bfaa261c4_ppc64le", "product_id": "openshift-gitops-1/must-gather-rhel8@sha256:34659d09f4fa02893009641926ae256d21a6bf5632263719c488803bfaa261c4_ppc64le", "product_identification_helper": { "purl": "pkg:oci/must-gather-rhel8@sha256:34659d09f4fa02893009641926ae256d21a6bf5632263719c488803bfaa261c4?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.10.2-2" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:7a459bb0e75f6fa50dad469f3cc4f0dae4f47c49aa30c7c5db7cd5d866dd3bbd_ppc64le", "product": { "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:7a459bb0e75f6fa50dad469f3cc4f0dae4f47c49aa30c7c5db7cd5d866dd3bbd_ppc64le", "product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:7a459bb0e75f6fa50dad469f3cc4f0dae4f47c49aa30c7c5db7cd5d866dd3bbd_ppc64le", "product_identification_helper": { "purl": 
"pkg:oci/gitops-rhel8-operator@sha256:7a459bb0e75f6fa50dad469f3cc4f0dae4f47c49aa30c7c5db7cd5d866dd3bbd?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.10.2-2" } } } ], "category": "architecture", "name": "ppc64le" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:0d7f359ac63b8a4409990cfe083ca23a108fd3f6ea8d1bd36c6566181d9dcd8a_s390x as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:0d7f359ac63b8a4409990cfe083ca23a108fd3f6ea8d1bd36c6566181d9dcd8a_s390x" }, "product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:0d7f359ac63b8a4409990cfe083ca23a108fd3f6ea8d1bd36c6566181d9dcd8a_s390x", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:0f7bfd12844a8a085389f1e83710771bbb773c45b4831db097baf3f9ee6fbfea_amd64 as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:0f7bfd12844a8a085389f1e83710771bbb773c45b4831db097baf3f9ee6fbfea_amd64" }, "product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:0f7bfd12844a8a085389f1e83710771bbb773c45b4831db097baf3f9ee6fbfea_amd64", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:176051467cd043fb8be19f955774b7d86db1e8e04c2b696fdba1f2bf38607ba2_arm64 as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:176051467cd043fb8be19f955774b7d86db1e8e04c2b696fdba1f2bf38607ba2_arm64" }, "product_reference": 
"openshift-gitops-1/argo-rollouts-rhel8@sha256:176051467cd043fb8be19f955774b7d86db1e8e04c2b696fdba1f2bf38607ba2_arm64", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:e01da16ac5214203a64214949fc6cfc594dd2ba7735e4b87164307d49826b06d_ppc64le as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:e01da16ac5214203a64214949fc6cfc594dd2ba7735e4b87164307d49826b06d_ppc64le" }, "product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:e01da16ac5214203a64214949fc6cfc594dd2ba7735e4b87164307d49826b06d_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/argocd-rhel8@sha256:1e6c0ade5679cef406fa40d60dbe33d43cee40c63cc26340cf134fd6f27bbf2f_ppc64le as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:1e6c0ade5679cef406fa40d60dbe33d43cee40c63cc26340cf134fd6f27bbf2f_ppc64le" }, "product_reference": "openshift-gitops-1/argocd-rhel8@sha256:1e6c0ade5679cef406fa40d60dbe33d43cee40c63cc26340cf134fd6f27bbf2f_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/argocd-rhel8@sha256:5533770b712f4be8cbeb9e9333d6ca965f3399b2f95000ec25b79e15cb3d2488_s390x as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:5533770b712f4be8cbeb9e9333d6ca965f3399b2f95000ec25b79e15cb3d2488_s390x" }, "product_reference": "openshift-gitops-1/argocd-rhel8@sha256:5533770b712f4be8cbeb9e9333d6ca965f3399b2f95000ec25b79e15cb3d2488_s390x", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": 
"openshift-gitops-1/argocd-rhel8@sha256:553cce4966543b941e25502d6bd6f206e16ff6719c6293c928427551032ea39f_amd64 as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:553cce4966543b941e25502d6bd6f206e16ff6719c6293c928427551032ea39f_amd64" }, "product_reference": "openshift-gitops-1/argocd-rhel8@sha256:553cce4966543b941e25502d6bd6f206e16ff6719c6293c928427551032ea39f_amd64", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/argocd-rhel8@sha256:6a5b94652937a1e328f2a696ec16a9f6cd46e3f9d80c0e37d2b8a65a3f6b7c94_arm64 as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:6a5b94652937a1e328f2a696ec16a9f6cd46e3f9d80c0e37d2b8a65a3f6b7c94_arm64" }, "product_reference": "openshift-gitops-1/argocd-rhel8@sha256:6a5b94652937a1e328f2a696ec16a9f6cd46e3f9d80c0e37d2b8a65a3f6b7c94_arm64", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/console-plugin-rhel8@sha256:1cee897edd81a6074b9f419830bf827d26d57c2e92985ab173523fafd29d43d9_arm64 as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:1cee897edd81a6074b9f419830bf827d26d57c2e92985ab173523fafd29d43d9_arm64" }, "product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:1cee897edd81a6074b9f419830bf827d26d57c2e92985ab173523fafd29d43d9_arm64", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/console-plugin-rhel8@sha256:6bc125652fcbe50f1a4e6b575e964ce32c79cdab0f2ac2f67e9823c99b5bb8cc_ppc64le as a component of Red Hat OpenShift GitOps 1.10", "product_id": 
"8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:6bc125652fcbe50f1a4e6b575e964ce32c79cdab0f2ac2f67e9823c99b5bb8cc_ppc64le" }, "product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:6bc125652fcbe50f1a4e6b575e964ce32c79cdab0f2ac2f67e9823c99b5bb8cc_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/console-plugin-rhel8@sha256:b7fa6ddd7db480c140c0915e2eace3bbe2908e6976c9c326ca3895c5e28a26ef_amd64 as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:b7fa6ddd7db480c140c0915e2eace3bbe2908e6976c9c326ca3895c5e28a26ef_amd64" }, "product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:b7fa6ddd7db480c140c0915e2eace3bbe2908e6976c9c326ca3895c5e28a26ef_amd64", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/console-plugin-rhel8@sha256:d409129e5af678a5a8073b8a973556944c05701a6f8a1c128fb7613b6998b15c_s390x as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:d409129e5af678a5a8073b8a973556944c05701a6f8a1c128fb7613b6998b15c_s390x" }, "product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:d409129e5af678a5a8073b8a973556944c05701a6f8a1c128fb7613b6998b15c_s390x", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/dex-rhel8@sha256:07a4fa68489c0c0a9146a86d459467b572701e90615ac464aef0bd004c023e35_arm64 as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:07a4fa68489c0c0a9146a86d459467b572701e90615ac464aef0bd004c023e35_arm64" }, "product_reference": 
"openshift-gitops-1/dex-rhel8@sha256:07a4fa68489c0c0a9146a86d459467b572701e90615ac464aef0bd004c023e35_arm64", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/dex-rhel8@sha256:84974ed36e68173fc02e18159240b019cc0fbf9409e99e32ca9138750f0a03b3_s390x as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:84974ed36e68173fc02e18159240b019cc0fbf9409e99e32ca9138750f0a03b3_s390x" }, "product_reference": "openshift-gitops-1/dex-rhel8@sha256:84974ed36e68173fc02e18159240b019cc0fbf9409e99e32ca9138750f0a03b3_s390x", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/dex-rhel8@sha256:897dd9a0a82aa69f2f199133d2e2c02c3b3572ff77de69da5ea09041f6d986fe_ppc64le as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:897dd9a0a82aa69f2f199133d2e2c02c3b3572ff77de69da5ea09041f6d986fe_ppc64le" }, "product_reference": "openshift-gitops-1/dex-rhel8@sha256:897dd9a0a82aa69f2f199133d2e2c02c3b3572ff77de69da5ea09041f6d986fe_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/dex-rhel8@sha256:ef48a70c736ca8e34f47ed22faea4661dbbee4599ea2ee3eecfb5a8b36c7cf28_amd64 as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:ef48a70c736ca8e34f47ed22faea4661dbbee4599ea2ee3eecfb5a8b36c7cf28_amd64" }, "product_reference": "openshift-gitops-1/dex-rhel8@sha256:ef48a70c736ca8e34f47ed22faea4661dbbee4599ea2ee3eecfb5a8b36c7cf28_amd64", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": 
"openshift-gitops-1/gitops-operator-bundle@sha256:068284fc4f37d48851394b4f966065cec1abb8b8f291f147a02d932f151bd5bd_amd64 as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/gitops-operator-bundle@sha256:068284fc4f37d48851394b4f966065cec1abb8b8f291f147a02d932f151bd5bd_amd64" }, "product_reference": "openshift-gitops-1/gitops-operator-bundle@sha256:068284fc4f37d48851394b4f966065cec1abb8b8f291f147a02d932f151bd5bd_amd64", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:24957afa1e02946318a742bd0d8a952480eef95191a7042acf3bd2d5acaba1a4_s390x as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:24957afa1e02946318a742bd0d8a952480eef95191a7042acf3bd2d5acaba1a4_s390x" }, "product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:24957afa1e02946318a742bd0d8a952480eef95191a7042acf3bd2d5acaba1a4_s390x", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:3effdb2fffcce607ceca00b06198b01377f5a3d504a23f0e4d797a41589ee5d5_amd64 as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:3effdb2fffcce607ceca00b06198b01377f5a3d504a23f0e4d797a41589ee5d5_amd64" }, "product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:3effdb2fffcce607ceca00b06198b01377f5a3d504a23f0e4d797a41589ee5d5_amd64", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:4b9fabb5a3b6dca56f224e949ed896ebda71e0a95f84eefa0513131e4fc7be13_arm64 as a component of Red Hat OpenShift GitOps 1.10", "product_id": 
"8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:4b9fabb5a3b6dca56f224e949ed896ebda71e0a95f84eefa0513131e4fc7be13_arm64" }, "product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:4b9fabb5a3b6dca56f224e949ed896ebda71e0a95f84eefa0513131e4fc7be13_arm64", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:7a459bb0e75f6fa50dad469f3cc4f0dae4f47c49aa30c7c5db7cd5d866dd3bbd_ppc64le as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:7a459bb0e75f6fa50dad469f3cc4f0dae4f47c49aa30c7c5db7cd5d866dd3bbd_ppc64le" }, "product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:7a459bb0e75f6fa50dad469f3cc4f0dae4f47c49aa30c7c5db7cd5d866dd3bbd_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-rhel8@sha256:1cd5828e815804cd263b03943845d86b50af6e83e50862a2f9afa5d68502df45_arm64 as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:1cd5828e815804cd263b03943845d86b50af6e83e50862a2f9afa5d68502df45_arm64" }, "product_reference": "openshift-gitops-1/gitops-rhel8@sha256:1cd5828e815804cd263b03943845d86b50af6e83e50862a2f9afa5d68502df45_arm64", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-rhel8@sha256:62982ae8c97406319475b6ecac08405103647fa260d1d8ffb615c10ed96e9823_s390x as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:62982ae8c97406319475b6ecac08405103647fa260d1d8ffb615c10ed96e9823_s390x" }, "product_reference": 
"openshift-gitops-1/gitops-rhel8@sha256:62982ae8c97406319475b6ecac08405103647fa260d1d8ffb615c10ed96e9823_s390x", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-rhel8@sha256:736e44bfa058eb2daa436d657def53198269b1017e0a4f188ce3361ded6289ea_amd64 as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:736e44bfa058eb2daa436d657def53198269b1017e0a4f188ce3361ded6289ea_amd64" }, "product_reference": "openshift-gitops-1/gitops-rhel8@sha256:736e44bfa058eb2daa436d657def53198269b1017e0a4f188ce3361ded6289ea_amd64", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-rhel8@sha256:84b7f4574e1b0dd6df243c0d0f2cb0fbee7c86b85ba377e800f8381ed283391e_ppc64le as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:84b7f4574e1b0dd6df243c0d0f2cb0fbee7c86b85ba377e800f8381ed283391e_ppc64le" }, "product_reference": "openshift-gitops-1/gitops-rhel8@sha256:84b7f4574e1b0dd6df243c0d0f2cb0fbee7c86b85ba377e800f8381ed283391e_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:194c7209f7423288d0a7d219165f367561356bc0f1a9dd08452e4e8b23d4d046_s390x as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:194c7209f7423288d0a7d219165f367561356bc0f1a9dd08452e4e8b23d4d046_s390x" }, "product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:194c7209f7423288d0a7d219165f367561356bc0f1a9dd08452e4e8b23d4d046_s390x", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": 
"openshift-gitops-1/kam-delivery-rhel8@sha256:1cf22055695a55462fd1701f61fdea77162c6c601248b82ee4e688dfb76b1949_amd64 as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:1cf22055695a55462fd1701f61fdea77162c6c601248b82ee4e688dfb76b1949_amd64" }, "product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:1cf22055695a55462fd1701f61fdea77162c6c601248b82ee4e688dfb76b1949_amd64", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:32c8bf92454a20f6e0f7458f781acaa807f4943ad74b6c5d005db441166290b0_ppc64le as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:32c8bf92454a20f6e0f7458f781acaa807f4943ad74b6c5d005db441166290b0_ppc64le" }, "product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:32c8bf92454a20f6e0f7458f781acaa807f4943ad74b6c5d005db441166290b0_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:9426722272fa084e9a65218e11b70ed80c7ce3a614a65f1b0d67b6820edc09de_arm64 as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:9426722272fa084e9a65218e11b70ed80c7ce3a614a65f1b0d67b6820edc09de_arm64" }, "product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:9426722272fa084e9a65218e11b70ed80c7ce3a614a65f1b0d67b6820edc09de_arm64", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/must-gather-rhel8@sha256:1f7304d7790306cabf52a938573f4d356e529f3317495ac724a75e4012ed387b_s390x as a component of Red Hat OpenShift GitOps 1.10", "product_id": 
"8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:1f7304d7790306cabf52a938573f4d356e529f3317495ac724a75e4012ed387b_s390x" }, "product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:1f7304d7790306cabf52a938573f4d356e529f3317495ac724a75e4012ed387b_s390x", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/must-gather-rhel8@sha256:34659d09f4fa02893009641926ae256d21a6bf5632263719c488803bfaa261c4_ppc64le as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:34659d09f4fa02893009641926ae256d21a6bf5632263719c488803bfaa261c4_ppc64le" }, "product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:34659d09f4fa02893009641926ae256d21a6bf5632263719c488803bfaa261c4_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/must-gather-rhel8@sha256:595524a658d71e31dca3a58d0b88769e34a8283980744984ec4105460515bd81_arm64 as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:595524a658d71e31dca3a58d0b88769e34a8283980744984ec4105460515bd81_arm64" }, "product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:595524a658d71e31dca3a58d0b88769e34a8283980744984ec4105460515bd81_arm64", "relates_to_product_reference": "8Base-GitOps-1.10" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/must-gather-rhel8@sha256:ee1aec3cfa415a2135797d4beb1795948c98ecdc0e568b9c6f8c3d8bc31eb1ae_amd64 as a component of Red Hat OpenShift GitOps 1.10", "product_id": "8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:ee1aec3cfa415a2135797d4beb1795948c98ecdc0e568b9c6f8c3d8bc31eb1ae_amd64" }, "product_reference": 
"openshift-gitops-1/must-gather-rhel8@sha256:ee1aec3cfa415a2135797d4beb1795948c98ecdc0e568b9c6f8c3d8bc31eb1ae_amd64", "relates_to_product_reference": "8Base-GitOps-1.10" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-49568", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2024-01-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2258165" } ], "notes": [ { "category": "description", "text": "A denial of service (DoS) vulnerability was found in the go library go-git. This issue may allow an attacker to perform denial of service attacks by providing specially crafted responses from a Git server, which can trigger resource exhaustion in go-git clients.", "title": "Vulnerability description" }, { "category": "summary", "text": "go-git: Maliciously crafted Git server replies can cause DoS on go-git clients", "title": "Vulnerability summary" }, { "category": "other", "text": "This problem only affects the go implementation and not the original git cli code. Applications using only in-memory filesystems are not affected by this issue. 
Clients should be limited to connect to only trusted git servers to reduce the risk of compromise.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:0d7f359ac63b8a4409990cfe083ca23a108fd3f6ea8d1bd36c6566181d9dcd8a_s390x", "8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:0f7bfd12844a8a085389f1e83710771bbb773c45b4831db097baf3f9ee6fbfea_amd64", "8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:176051467cd043fb8be19f955774b7d86db1e8e04c2b696fdba1f2bf38607ba2_arm64", "8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:e01da16ac5214203a64214949fc6cfc594dd2ba7735e4b87164307d49826b06d_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:1e6c0ade5679cef406fa40d60dbe33d43cee40c63cc26340cf134fd6f27bbf2f_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:5533770b712f4be8cbeb9e9333d6ca965f3399b2f95000ec25b79e15cb3d2488_s390x", "8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:553cce4966543b941e25502d6bd6f206e16ff6719c6293c928427551032ea39f_amd64", "8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:6a5b94652937a1e328f2a696ec16a9f6cd46e3f9d80c0e37d2b8a65a3f6b7c94_arm64", "8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:1cee897edd81a6074b9f419830bf827d26d57c2e92985ab173523fafd29d43d9_arm64", "8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:6bc125652fcbe50f1a4e6b575e964ce32c79cdab0f2ac2f67e9823c99b5bb8cc_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:b7fa6ddd7db480c140c0915e2eace3bbe2908e6976c9c326ca3895c5e28a26ef_amd64", 
"8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:d409129e5af678a5a8073b8a973556944c05701a6f8a1c128fb7613b6998b15c_s390x", "8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:07a4fa68489c0c0a9146a86d459467b572701e90615ac464aef0bd004c023e35_arm64", "8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:84974ed36e68173fc02e18159240b019cc0fbf9409e99e32ca9138750f0a03b3_s390x", "8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:897dd9a0a82aa69f2f199133d2e2c02c3b3572ff77de69da5ea09041f6d986fe_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:ef48a70c736ca8e34f47ed22faea4661dbbee4599ea2ee3eecfb5a8b36c7cf28_amd64", "8Base-GitOps-1.10:openshift-gitops-1/gitops-operator-bundle@sha256:068284fc4f37d48851394b4f966065cec1abb8b8f291f147a02d932f151bd5bd_amd64", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:24957afa1e02946318a742bd0d8a952480eef95191a7042acf3bd2d5acaba1a4_s390x", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:3effdb2fffcce607ceca00b06198b01377f5a3d504a23f0e4d797a41589ee5d5_amd64", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:4b9fabb5a3b6dca56f224e949ed896ebda71e0a95f84eefa0513131e4fc7be13_arm64", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:7a459bb0e75f6fa50dad469f3cc4f0dae4f47c49aa30c7c5db7cd5d866dd3bbd_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:1cd5828e815804cd263b03943845d86b50af6e83e50862a2f9afa5d68502df45_arm64", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:62982ae8c97406319475b6ecac08405103647fa260d1d8ffb615c10ed96e9823_s390x", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:736e44bfa058eb2daa436d657def53198269b1017e0a4f188ce3361ded6289ea_amd64", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:84b7f4574e1b0dd6df243c0d0f2cb0fbee7c86b85ba377e800f8381ed283391e_ppc64le", 
"8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:194c7209f7423288d0a7d219165f367561356bc0f1a9dd08452e4e8b23d4d046_s390x", "8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:1cf22055695a55462fd1701f61fdea77162c6c601248b82ee4e688dfb76b1949_amd64", "8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:32c8bf92454a20f6e0f7458f781acaa807f4943ad74b6c5d005db441166290b0_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:9426722272fa084e9a65218e11b70ed80c7ce3a614a65f1b0d67b6820edc09de_arm64", "8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:1f7304d7790306cabf52a938573f4d356e529f3317495ac724a75e4012ed387b_s390x", "8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:34659d09f4fa02893009641926ae256d21a6bf5632263719c488803bfaa261c4_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:595524a658d71e31dca3a58d0b88769e34a8283980744984ec4105460515bd81_arm64", "8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:ee1aec3cfa415a2135797d4beb1795948c98ecdc0e568b9c6f8c3d8bc31eb1ae_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-49568" }, { "category": "external", "summary": "RHBZ#2258165", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258165" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-49568", "url": "https://www.cve.org/CVERecord?id=CVE-2023-49568" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-49568", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49568" }, { "category": "external", "summary": "https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r", "url": "https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r" } ], "release_date": "2023-12-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-05T20:41:28+00:00", "details": "Before 
applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [
], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0692" }, { "category": "workaround", "details": "In cases where a bump to the latest version of go-git is not possible, a recommendation to reduce the exposure of this threat is limiting its use to only trust-worthy Git servers.", "product_ids": [
] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", 
"privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [
] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "go-git: Maliciously crafted Git server replies can cause DoS on go-git clients" }, { "cve": "CVE-2023-49569", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "discovery_date": "2024-01-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2258143" } ], "notes": [ { "category": "description", "text": "A path traversal vulnerability was discovered in the go library go-git. This issue may allow an attacker to create and amend files across the filesystem when applications are using the default ChrootOS, potentially allowing remote code execution.", "title": "Vulnerability description" }, { "category": "summary", "text": "go-git: Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients", "title": "Vulnerability summary" }, { "category": "other", "text": "This problem only affects the go implementation and not the original git cli code. Applications using BoundOS or in-memory filesystems are not affected by this issue. 
Clients should be limited to connect to only trusted git servers to reduce the risk of compromise.\n\nIn OpenShift Container Platform (OCP) the vulnerable github.com/go-git/go-git/v5 Go package is used as a dependency in many components where the vulnerable function is not used, hence the impact by this vulnerability is reduced to Low.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [
] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-49569" }, { "category": "external", "summary": "RHBZ#2258143", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258143" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-49569", "url": "https://www.cve.org/CVERecord?id=CVE-2023-49569" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-49569", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49569" }, { "category": "external", "summary": 
"https://github.com/go-git/go-git/security/advisories/GHSA-449p-3h89-pw88", "url": "https://github.com/go-git/go-git/security/advisories/GHSA-449p-3h89-pw88" } ], "release_date": "2024-01-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-05T20:41:28+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [
], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0692" }, { "category": "workaround", "details": "In cases where a bump to the latest version of go-git is not possible, a recommendation to reduce the exposure of this threat is limiting its use to only trust-worthy Git servers.", "product_ids": [
] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [
] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "go-git: Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients" }, { "cve": "CVE-2024-22424", "cwe": { "id": "CWE-352", "name": "Cross-Site Request Forgery (CSRF)" }, "discovery_date": "2024-01-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2259105" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Argo CD API before versions 2.10-rc2, 2.9.4, 2.8.8, and 2.7.15. 
These versions are vulnerable to a Cross-server request forgery (CSRF) attack when the attacker can write HTML to a page on the same parent domain as Argo CD. A CSRF attack works by tricking an authenticated Argo CD user into loading a web page that contains code to call Argo CD API endpoints on the victim\u2019s behalf.", "title": "Vulnerability description" }, { "category": "summary", "text": "argo-cd: vulnerable to a cross-server request forgery (CSRF) attack", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:0d7f359ac63b8a4409990cfe083ca23a108fd3f6ea8d1bd36c6566181d9dcd8a_s390x", "8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:0f7bfd12844a8a085389f1e83710771bbb773c45b4831db097baf3f9ee6fbfea_amd64", "8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:176051467cd043fb8be19f955774b7d86db1e8e04c2b696fdba1f2bf38607ba2_arm64", "8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:e01da16ac5214203a64214949fc6cfc594dd2ba7735e4b87164307d49826b06d_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:1e6c0ade5679cef406fa40d60dbe33d43cee40c63cc26340cf134fd6f27bbf2f_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:5533770b712f4be8cbeb9e9333d6ca965f3399b2f95000ec25b79e15cb3d2488_s390x", "8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:553cce4966543b941e25502d6bd6f206e16ff6719c6293c928427551032ea39f_amd64", "8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:6a5b94652937a1e328f2a696ec16a9f6cd46e3f9d80c0e37d2b8a65a3f6b7c94_arm64", 
"8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:1cee897edd81a6074b9f419830bf827d26d57c2e92985ab173523fafd29d43d9_arm64", "8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:6bc125652fcbe50f1a4e6b575e964ce32c79cdab0f2ac2f67e9823c99b5bb8cc_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:b7fa6ddd7db480c140c0915e2eace3bbe2908e6976c9c326ca3895c5e28a26ef_amd64", "8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:d409129e5af678a5a8073b8a973556944c05701a6f8a1c128fb7613b6998b15c_s390x", "8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:07a4fa68489c0c0a9146a86d459467b572701e90615ac464aef0bd004c023e35_arm64", "8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:84974ed36e68173fc02e18159240b019cc0fbf9409e99e32ca9138750f0a03b3_s390x", "8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:897dd9a0a82aa69f2f199133d2e2c02c3b3572ff77de69da5ea09041f6d986fe_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:ef48a70c736ca8e34f47ed22faea4661dbbee4599ea2ee3eecfb5a8b36c7cf28_amd64", "8Base-GitOps-1.10:openshift-gitops-1/gitops-operator-bundle@sha256:068284fc4f37d48851394b4f966065cec1abb8b8f291f147a02d932f151bd5bd_amd64", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:24957afa1e02946318a742bd0d8a952480eef95191a7042acf3bd2d5acaba1a4_s390x", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:3effdb2fffcce607ceca00b06198b01377f5a3d504a23f0e4d797a41589ee5d5_amd64", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:4b9fabb5a3b6dca56f224e949ed896ebda71e0a95f84eefa0513131e4fc7be13_arm64", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:7a459bb0e75f6fa50dad469f3cc4f0dae4f47c49aa30c7c5db7cd5d866dd3bbd_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:1cd5828e815804cd263b03943845d86b50af6e83e50862a2f9afa5d68502df45_arm64", 
"8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:62982ae8c97406319475b6ecac08405103647fa260d1d8ffb615c10ed96e9823_s390x", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:736e44bfa058eb2daa436d657def53198269b1017e0a4f188ce3361ded6289ea_amd64", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:84b7f4574e1b0dd6df243c0d0f2cb0fbee7c86b85ba377e800f8381ed283391e_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:194c7209f7423288d0a7d219165f367561356bc0f1a9dd08452e4e8b23d4d046_s390x", "8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:1cf22055695a55462fd1701f61fdea77162c6c601248b82ee4e688dfb76b1949_amd64", "8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:32c8bf92454a20f6e0f7458f781acaa807f4943ad74b6c5d005db441166290b0_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:9426722272fa084e9a65218e11b70ed80c7ce3a614a65f1b0d67b6820edc09de_arm64", "8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:1f7304d7790306cabf52a938573f4d356e529f3317495ac724a75e4012ed387b_s390x", "8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:34659d09f4fa02893009641926ae256d21a6bf5632263719c488803bfaa261c4_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:595524a658d71e31dca3a58d0b88769e34a8283980744984ec4105460515bd81_arm64", "8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:ee1aec3cfa415a2135797d4beb1795948c98ecdc0e568b9c6f8c3d8bc31eb1ae_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-22424" }, { "category": "external", "summary": "RHBZ#2259105", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259105" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-22424", "url": "https://www.cve.org/CVERecord?id=CVE-2024-22424" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-22424", "url": 
"https://nvd.nist.gov/vuln/detail/CVE-2024-22424" }, { "category": "external", "summary": "https://github.com/argoproj/argo-cd/issues/2496", "url": "https://github.com/argoproj/argo-cd/issues/2496" }, { "category": "external", "summary": "https://github.com/argoproj/argo-cd/pull/16860", "url": "https://github.com/argoproj/argo-cd/pull/16860" }, { "category": "external", "summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-92mw-q256-5vwg", "url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-92mw-q256-5vwg" } ], "release_date": "2024-01-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-05T20:41:28+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:0d7f359ac63b8a4409990cfe083ca23a108fd3f6ea8d1bd36c6566181d9dcd8a_s390x", "8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:0f7bfd12844a8a085389f1e83710771bbb773c45b4831db097baf3f9ee6fbfea_amd64", "8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:176051467cd043fb8be19f955774b7d86db1e8e04c2b696fdba1f2bf38607ba2_arm64", "8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:e01da16ac5214203a64214949fc6cfc594dd2ba7735e4b87164307d49826b06d_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:1e6c0ade5679cef406fa40d60dbe33d43cee40c63cc26340cf134fd6f27bbf2f_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:5533770b712f4be8cbeb9e9333d6ca965f3399b2f95000ec25b79e15cb3d2488_s390x", "8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:553cce4966543b941e25502d6bd6f206e16ff6719c6293c928427551032ea39f_amd64", 
"8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:6a5b94652937a1e328f2a696ec16a9f6cd46e3f9d80c0e37d2b8a65a3f6b7c94_arm64", "8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:1cee897edd81a6074b9f419830bf827d26d57c2e92985ab173523fafd29d43d9_arm64", "8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:6bc125652fcbe50f1a4e6b575e964ce32c79cdab0f2ac2f67e9823c99b5bb8cc_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:b7fa6ddd7db480c140c0915e2eace3bbe2908e6976c9c326ca3895c5e28a26ef_amd64", "8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:d409129e5af678a5a8073b8a973556944c05701a6f8a1c128fb7613b6998b15c_s390x", "8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:07a4fa68489c0c0a9146a86d459467b572701e90615ac464aef0bd004c023e35_arm64", "8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:84974ed36e68173fc02e18159240b019cc0fbf9409e99e32ca9138750f0a03b3_s390x", "8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:897dd9a0a82aa69f2f199133d2e2c02c3b3572ff77de69da5ea09041f6d986fe_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:ef48a70c736ca8e34f47ed22faea4661dbbee4599ea2ee3eecfb5a8b36c7cf28_amd64", "8Base-GitOps-1.10:openshift-gitops-1/gitops-operator-bundle@sha256:068284fc4f37d48851394b4f966065cec1abb8b8f291f147a02d932f151bd5bd_amd64", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:24957afa1e02946318a742bd0d8a952480eef95191a7042acf3bd2d5acaba1a4_s390x", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:3effdb2fffcce607ceca00b06198b01377f5a3d504a23f0e4d797a41589ee5d5_amd64", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:4b9fabb5a3b6dca56f224e949ed896ebda71e0a95f84eefa0513131e4fc7be13_arm64", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:7a459bb0e75f6fa50dad469f3cc4f0dae4f47c49aa30c7c5db7cd5d866dd3bbd_ppc64le", 
"8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:1cd5828e815804cd263b03943845d86b50af6e83e50862a2f9afa5d68502df45_arm64", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:62982ae8c97406319475b6ecac08405103647fa260d1d8ffb615c10ed96e9823_s390x", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:736e44bfa058eb2daa436d657def53198269b1017e0a4f188ce3361ded6289ea_amd64", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:84b7f4574e1b0dd6df243c0d0f2cb0fbee7c86b85ba377e800f8381ed283391e_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:194c7209f7423288d0a7d219165f367561356bc0f1a9dd08452e4e8b23d4d046_s390x", "8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:1cf22055695a55462fd1701f61fdea77162c6c601248b82ee4e688dfb76b1949_amd64", "8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:32c8bf92454a20f6e0f7458f781acaa807f4943ad74b6c5d005db441166290b0_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:9426722272fa084e9a65218e11b70ed80c7ce3a614a65f1b0d67b6820edc09de_arm64", "8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:1f7304d7790306cabf52a938573f4d356e529f3317495ac724a75e4012ed387b_s390x", "8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:34659d09f4fa02893009641926ae256d21a6bf5632263719c488803bfaa261c4_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:595524a658d71e31dca3a58d0b88769e34a8283980744984ec4105460515bd81_arm64", "8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:ee1aec3cfa415a2135797d4beb1795948c98ecdc0e568b9c6f8c3d8bc31eb1ae_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0692" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", 
"userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:0d7f359ac63b8a4409990cfe083ca23a108fd3f6ea8d1bd36c6566181d9dcd8a_s390x", "8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:0f7bfd12844a8a085389f1e83710771bbb773c45b4831db097baf3f9ee6fbfea_amd64", "8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:176051467cd043fb8be19f955774b7d86db1e8e04c2b696fdba1f2bf38607ba2_arm64", "8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:e01da16ac5214203a64214949fc6cfc594dd2ba7735e4b87164307d49826b06d_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:1e6c0ade5679cef406fa40d60dbe33d43cee40c63cc26340cf134fd6f27bbf2f_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:5533770b712f4be8cbeb9e9333d6ca965f3399b2f95000ec25b79e15cb3d2488_s390x", "8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:553cce4966543b941e25502d6bd6f206e16ff6719c6293c928427551032ea39f_amd64", "8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:6a5b94652937a1e328f2a696ec16a9f6cd46e3f9d80c0e37d2b8a65a3f6b7c94_arm64", "8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:1cee897edd81a6074b9f419830bf827d26d57c2e92985ab173523fafd29d43d9_arm64", "8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:6bc125652fcbe50f1a4e6b575e964ce32c79cdab0f2ac2f67e9823c99b5bb8cc_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:b7fa6ddd7db480c140c0915e2eace3bbe2908e6976c9c326ca3895c5e28a26ef_amd64", "8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:d409129e5af678a5a8073b8a973556944c05701a6f8a1c128fb7613b6998b15c_s390x", "8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:07a4fa68489c0c0a9146a86d459467b572701e90615ac464aef0bd004c023e35_arm64", 
"8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:84974ed36e68173fc02e18159240b019cc0fbf9409e99e32ca9138750f0a03b3_s390x", "8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:897dd9a0a82aa69f2f199133d2e2c02c3b3572ff77de69da5ea09041f6d986fe_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:ef48a70c736ca8e34f47ed22faea4661dbbee4599ea2ee3eecfb5a8b36c7cf28_amd64", "8Base-GitOps-1.10:openshift-gitops-1/gitops-operator-bundle@sha256:068284fc4f37d48851394b4f966065cec1abb8b8f291f147a02d932f151bd5bd_amd64", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:24957afa1e02946318a742bd0d8a952480eef95191a7042acf3bd2d5acaba1a4_s390x", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:3effdb2fffcce607ceca00b06198b01377f5a3d504a23f0e4d797a41589ee5d5_amd64", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:4b9fabb5a3b6dca56f224e949ed896ebda71e0a95f84eefa0513131e4fc7be13_arm64", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:7a459bb0e75f6fa50dad469f3cc4f0dae4f47c49aa30c7c5db7cd5d866dd3bbd_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:1cd5828e815804cd263b03943845d86b50af6e83e50862a2f9afa5d68502df45_arm64", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:62982ae8c97406319475b6ecac08405103647fa260d1d8ffb615c10ed96e9823_s390x", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:736e44bfa058eb2daa436d657def53198269b1017e0a4f188ce3361ded6289ea_amd64", "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:84b7f4574e1b0dd6df243c0d0f2cb0fbee7c86b85ba377e800f8381ed283391e_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:194c7209f7423288d0a7d219165f367561356bc0f1a9dd08452e4e8b23d4d046_s390x", "8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:1cf22055695a55462fd1701f61fdea77162c6c601248b82ee4e688dfb76b1949_amd64", 
"8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:32c8bf92454a20f6e0f7458f781acaa807f4943ad74b6c5d005db441166290b0_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:9426722272fa084e9a65218e11b70ed80c7ce3a614a65f1b0d67b6820edc09de_arm64", "8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:1f7304d7790306cabf52a938573f4d356e529f3317495ac724a75e4012ed387b_s390x", "8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:34659d09f4fa02893009641926ae256d21a6bf5632263719c488803bfaa261c4_ppc64le", "8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:595524a658d71e31dca3a58d0b88769e34a8283980744984ec4105460515bd81_arm64", "8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:ee1aec3cfa415a2135797d4beb1795948c98ecdc0e568b9c6f8c3d8bc31eb1ae_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "argo-cd: vulnerable to a cross-server request forgery (CSRF) attack" } ] }
rhsa-2024_0691
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat OpenShift GitOps v1.9.4. Red Hat\nProduct Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Errata Advisory for Red Hat OpenShift GitOps v1.9.4.\n\nSecurity Fix(es):\n\n* TRIAGE CVE-2024-22424 openshift-gitops-operator-container: argo-cd: vulnerable to a cross-server request forgery (CSRF) attack [gitops-1.9]\n\n* CVE-2023-49568 openshift-gitops-container: go-git: Maliciously crafted Git server replies can cause DoS on go-git clients [gitops-1.9]\n\n* CVE-2023-49569 openshift-gitops-container: go-git: Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients [gitops-1.9]\n\n* CVE-2023-49568 openshift-gitops-argocd-container: go-git: Maliciously crafted Git server replies can cause DoS on go-git clients [gitops-1.9]\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE page(s)\nlisted in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:0691", "url": "https://access.redhat.com/errata/RHSA-2024:0691" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "https://docs.openshift.com/container-platform/latest/cicd/gitops/understanding-openshift-gitops.html", "url": "https://docs.openshift.com/container-platform/latest/cicd/gitops/understanding-openshift-gitops.html" }, { "category": "external", "summary": "2258165", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258165" }, { "category": "external", "summary": "2259105", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259105" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0691.json" } ], "title": "Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.9.4 security update", "tracking": { "current_release_date": "2024-11-11T12:36:34+00:00", "generator": { "date": "2024-11-11T12:36:34+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2024:0691", "initial_release_date": "2024-02-05T20:30:07+00:00", "revision_history": [ { "date": "2024-02-05T20:30:07+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-03-22T15:42:02+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-11T12:36:34+00:00", "number": "3", "summary": "Last 
generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat OpenShift GitOps 1.9", "product": { "name": "Red Hat OpenShift GitOps 1.9", "product_id": "8Base-GitOps-1.9", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift_gitops:1.9::el9" } } } ], "category": "product_family", "name": "Red Hat OpenShift GitOps" }, { "branches": [ { "category": "product_version", "name": "openshift-gitops-1/argocd-rhel8@sha256:1cca6eda59e4ed1d409aa0ef039b524e58412422cc1f492c2bc515f5905ed516_arm64", "product": { "name": "openshift-gitops-1/argocd-rhel8@sha256:1cca6eda59e4ed1d409aa0ef039b524e58412422cc1f492c2bc515f5905ed516_arm64", "product_id": "openshift-gitops-1/argocd-rhel8@sha256:1cca6eda59e4ed1d409aa0ef039b524e58412422cc1f492c2bc515f5905ed516_arm64", "product_identification_helper": { "purl": "pkg:oci/argocd-rhel8@sha256:1cca6eda59e4ed1d409aa0ef039b524e58412422cc1f492c2bc515f5905ed516?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.9.4-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:bf88a002fcc9d1780b9a82595181f4425f14937d9117e6f5793d41695e400ebc_arm64", "product": { "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:bf88a002fcc9d1780b9a82595181f4425f14937d9117e6f5793d41695e400ebc_arm64", "product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:bf88a002fcc9d1780b9a82595181f4425f14937d9117e6f5793d41695e400ebc_arm64", "product_identification_helper": { "purl": "pkg:oci/argo-rollouts-rhel8@sha256:bf88a002fcc9d1780b9a82595181f4425f14937d9117e6f5793d41695e400ebc?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.9.4-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/console-plugin-rhel8@sha256:f4dbcf9637738494a0906ab3da3e2935761ad2b1194a8f5797490b01523fa875_arm64", "product": { "name": 
"openshift-gitops-1/console-plugin-rhel8@sha256:f4dbcf9637738494a0906ab3da3e2935761ad2b1194a8f5797490b01523fa875_arm64", "product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:f4dbcf9637738494a0906ab3da3e2935761ad2b1194a8f5797490b01523fa875_arm64", "product_identification_helper": { "purl": "pkg:oci/console-plugin-rhel8@sha256:f4dbcf9637738494a0906ab3da3e2935761ad2b1194a8f5797490b01523fa875?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.9.4-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8@sha256:5a446497a5e9ea9e9ee6501e0664c22b410d8eaa8bf32c6b57e11a8a34dc534e_arm64", "product": { "name": "openshift-gitops-1/gitops-rhel8@sha256:5a446497a5e9ea9e9ee6501e0664c22b410d8eaa8bf32c6b57e11a8a34dc534e_arm64", "product_id": "openshift-gitops-1/gitops-rhel8@sha256:5a446497a5e9ea9e9ee6501e0664c22b410d8eaa8bf32c6b57e11a8a34dc534e_arm64", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8@sha256:5a446497a5e9ea9e9ee6501e0664c22b410d8eaa8bf32c6b57e11a8a34dc534e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.9.4-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/dex-rhel8@sha256:c80e9ddfe27033af92d26aa16da7a2211bdca4a17d2d08adb6bb79aed39e693c_arm64", "product": { "name": "openshift-gitops-1/dex-rhel8@sha256:c80e9ddfe27033af92d26aa16da7a2211bdca4a17d2d08adb6bb79aed39e693c_arm64", "product_id": "openshift-gitops-1/dex-rhel8@sha256:c80e9ddfe27033af92d26aa16da7a2211bdca4a17d2d08adb6bb79aed39e693c_arm64", "product_identification_helper": { "purl": "pkg:oci/dex-rhel8@sha256:c80e9ddfe27033af92d26aa16da7a2211bdca4a17d2d08adb6bb79aed39e693c?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.9.4-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:6751faddc6fad904c7e9b72118fd90b9b3c818522e17f2bbd7acf99d2613f59a_arm64", "product": { 
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:6751faddc6fad904c7e9b72118fd90b9b3c818522e17f2bbd7acf99d2613f59a_arm64", "product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:6751faddc6fad904c7e9b72118fd90b9b3c818522e17f2bbd7acf99d2613f59a_arm64", "product_identification_helper": { "purl": "pkg:oci/kam-delivery-rhel8@sha256:6751faddc6fad904c7e9b72118fd90b9b3c818522e17f2bbd7acf99d2613f59a?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.9.4-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/must-gather-rhel8@sha256:7de4cb6db7d0792022f92af68cb9ea7290b3b471ef298c27c0a890cf6847eab3_arm64", "product": { "name": "openshift-gitops-1/must-gather-rhel8@sha256:7de4cb6db7d0792022f92af68cb9ea7290b3b471ef298c27c0a890cf6847eab3_arm64", "product_id": "openshift-gitops-1/must-gather-rhel8@sha256:7de4cb6db7d0792022f92af68cb9ea7290b3b471ef298c27c0a890cf6847eab3_arm64", "product_identification_helper": { "purl": "pkg:oci/must-gather-rhel8@sha256:7de4cb6db7d0792022f92af68cb9ea7290b3b471ef298c27c0a890cf6847eab3?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.9.4-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:fbf6a44ccd0ea12d8d2e069203a5d7edcbb30e9724f781d43e3529fe0abb4798_arm64", "product": { "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:fbf6a44ccd0ea12d8d2e069203a5d7edcbb30e9724f781d43e3529fe0abb4798_arm64", "product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:fbf6a44ccd0ea12d8d2e069203a5d7edcbb30e9724f781d43e3529fe0abb4798_arm64", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8-operator@sha256:fbf6a44ccd0ea12d8d2e069203a5d7edcbb30e9724f781d43e3529fe0abb4798?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.9.4-1" } } } ], "category": "architecture", "name": "arm64" }, { "branches": [ { "category": 
"product_version", "name": "openshift-gitops-1/argocd-rhel8@sha256:1072c8b7c1563b5b7c7eb29119ec97765c3e0dad267ad8800b8146cbe7336cc6_s390x", "product": { "name": "openshift-gitops-1/argocd-rhel8@sha256:1072c8b7c1563b5b7c7eb29119ec97765c3e0dad267ad8800b8146cbe7336cc6_s390x", "product_id": "openshift-gitops-1/argocd-rhel8@sha256:1072c8b7c1563b5b7c7eb29119ec97765c3e0dad267ad8800b8146cbe7336cc6_s390x", "product_identification_helper": { "purl": "pkg:oci/argocd-rhel8@sha256:1072c8b7c1563b5b7c7eb29119ec97765c3e0dad267ad8800b8146cbe7336cc6?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.9.4-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:c3d3b382770538d7388bf23a10b1915f8fc254b9f76d18751089028a0ec947ff_s390x", "product": { "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:c3d3b382770538d7388bf23a10b1915f8fc254b9f76d18751089028a0ec947ff_s390x", "product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:c3d3b382770538d7388bf23a10b1915f8fc254b9f76d18751089028a0ec947ff_s390x", "product_identification_helper": { "purl": "pkg:oci/argo-rollouts-rhel8@sha256:c3d3b382770538d7388bf23a10b1915f8fc254b9f76d18751089028a0ec947ff?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.9.4-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/console-plugin-rhel8@sha256:6a30cc9219b91d00524216523d1c45a4123b809c03a785d4ed4e20a8efc61e35_s390x", "product": { "name": "openshift-gitops-1/console-plugin-rhel8@sha256:6a30cc9219b91d00524216523d1c45a4123b809c03a785d4ed4e20a8efc61e35_s390x", "product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:6a30cc9219b91d00524216523d1c45a4123b809c03a785d4ed4e20a8efc61e35_s390x", "product_identification_helper": { "purl": 
"pkg:oci/console-plugin-rhel8@sha256:6a30cc9219b91d00524216523d1c45a4123b809c03a785d4ed4e20a8efc61e35?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.9.4-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8@sha256:0e589b8414b025e6bcbfba17590341c2143115885dcef479e8e68ac929ae3820_s390x", "product": { "name": "openshift-gitops-1/gitops-rhel8@sha256:0e589b8414b025e6bcbfba17590341c2143115885dcef479e8e68ac929ae3820_s390x", "product_id": "openshift-gitops-1/gitops-rhel8@sha256:0e589b8414b025e6bcbfba17590341c2143115885dcef479e8e68ac929ae3820_s390x", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8@sha256:0e589b8414b025e6bcbfba17590341c2143115885dcef479e8e68ac929ae3820?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.9.4-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/dex-rhel8@sha256:962c98496645544fba458f5862aa4bc8abf43c6c95021127c75a7f9f3a64aab0_s390x", "product": { "name": "openshift-gitops-1/dex-rhel8@sha256:962c98496645544fba458f5862aa4bc8abf43c6c95021127c75a7f9f3a64aab0_s390x", "product_id": "openshift-gitops-1/dex-rhel8@sha256:962c98496645544fba458f5862aa4bc8abf43c6c95021127c75a7f9f3a64aab0_s390x", "product_identification_helper": { "purl": "pkg:oci/dex-rhel8@sha256:962c98496645544fba458f5862aa4bc8abf43c6c95021127c75a7f9f3a64aab0?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.9.4-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:66f047335f44ca1fdd69f38002bceb3d01b972c293b8bfdb768e072cda2d1283_s390x", "product": { "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:66f047335f44ca1fdd69f38002bceb3d01b972c293b8bfdb768e072cda2d1283_s390x", "product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:66f047335f44ca1fdd69f38002bceb3d01b972c293b8bfdb768e072cda2d1283_s390x", "product_identification_helper": { "purl": 
"pkg:oci/kam-delivery-rhel8@sha256:66f047335f44ca1fdd69f38002bceb3d01b972c293b8bfdb768e072cda2d1283?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.9.4-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/must-gather-rhel8@sha256:623c6f082189daa2b4af5750acaaa856ece5926ba10e62f99678fe103239c124_s390x", "product": { "name": "openshift-gitops-1/must-gather-rhel8@sha256:623c6f082189daa2b4af5750acaaa856ece5926ba10e62f99678fe103239c124_s390x", "product_id": "openshift-gitops-1/must-gather-rhel8@sha256:623c6f082189daa2b4af5750acaaa856ece5926ba10e62f99678fe103239c124_s390x", "product_identification_helper": { "purl": "pkg:oci/must-gather-rhel8@sha256:623c6f082189daa2b4af5750acaaa856ece5926ba10e62f99678fe103239c124?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.9.4-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:b509f44121f29f65da9302ad916df9a6a65bb2e563c64f48f58347bd146a2960_s390x", "product": { "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:b509f44121f29f65da9302ad916df9a6a65bb2e563c64f48f58347bd146a2960_s390x", "product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:b509f44121f29f65da9302ad916df9a6a65bb2e563c64f48f58347bd146a2960_s390x", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8-operator@sha256:b509f44121f29f65da9302ad916df9a6a65bb2e563c64f48f58347bd146a2960?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.9.4-1" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "openshift-gitops-1/argocd-rhel8@sha256:e96c6e5d7bf4ffc828a463e4f8f48f661ca8af5487de4ecbedba1e818933aebb_amd64", "product": { "name": "openshift-gitops-1/argocd-rhel8@sha256:e96c6e5d7bf4ffc828a463e4f8f48f661ca8af5487de4ecbedba1e818933aebb_amd64", "product_id": 
"openshift-gitops-1/argocd-rhel8@sha256:e96c6e5d7bf4ffc828a463e4f8f48f661ca8af5487de4ecbedba1e818933aebb_amd64", "product_identification_helper": { "purl": "pkg:oci/argocd-rhel8@sha256:e96c6e5d7bf4ffc828a463e4f8f48f661ca8af5487de4ecbedba1e818933aebb?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.9.4-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:e259d73120a0611fbabdc93b4ee9a49eee6e8fa60841a4b7398b536a34bea5a9_amd64", "product": { "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:e259d73120a0611fbabdc93b4ee9a49eee6e8fa60841a4b7398b536a34bea5a9_amd64", "product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:e259d73120a0611fbabdc93b4ee9a49eee6e8fa60841a4b7398b536a34bea5a9_amd64", "product_identification_helper": { "purl": "pkg:oci/argo-rollouts-rhel8@sha256:e259d73120a0611fbabdc93b4ee9a49eee6e8fa60841a4b7398b536a34bea5a9?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.9.4-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/console-plugin-rhel8@sha256:4175e60402edd252b70a8762606760174aecb0463987bc307e59e0f842dc7976_amd64", "product": { "name": "openshift-gitops-1/console-plugin-rhel8@sha256:4175e60402edd252b70a8762606760174aecb0463987bc307e59e0f842dc7976_amd64", "product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:4175e60402edd252b70a8762606760174aecb0463987bc307e59e0f842dc7976_amd64", "product_identification_helper": { "purl": "pkg:oci/console-plugin-rhel8@sha256:4175e60402edd252b70a8762606760174aecb0463987bc307e59e0f842dc7976?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.9.4-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8@sha256:521c08653c7792317e5872c306b4e276da0d55237b9a7fa5c7ff615def846a61_amd64", "product": { "name": 
"openshift-gitops-1/gitops-rhel8@sha256:521c08653c7792317e5872c306b4e276da0d55237b9a7fa5c7ff615def846a61_amd64", "product_id": "openshift-gitops-1/gitops-rhel8@sha256:521c08653c7792317e5872c306b4e276da0d55237b9a7fa5c7ff615def846a61_amd64", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8@sha256:521c08653c7792317e5872c306b4e276da0d55237b9a7fa5c7ff615def846a61?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.9.4-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/dex-rhel8@sha256:60b93bcaf87c4b277bbfc18a920d246363452e0f5b1156333312e5b737bbf381_amd64", "product": { "name": "openshift-gitops-1/dex-rhel8@sha256:60b93bcaf87c4b277bbfc18a920d246363452e0f5b1156333312e5b737bbf381_amd64", "product_id": "openshift-gitops-1/dex-rhel8@sha256:60b93bcaf87c4b277bbfc18a920d246363452e0f5b1156333312e5b737bbf381_amd64", "product_identification_helper": { "purl": "pkg:oci/dex-rhel8@sha256:60b93bcaf87c4b277bbfc18a920d246363452e0f5b1156333312e5b737bbf381?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.9.4-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:dd6b5013139815f60509703f6fc414974451ad73f7c93f758a8e98bf487606b4_amd64", "product": { "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:dd6b5013139815f60509703f6fc414974451ad73f7c93f758a8e98bf487606b4_amd64", "product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:dd6b5013139815f60509703f6fc414974451ad73f7c93f758a8e98bf487606b4_amd64", "product_identification_helper": { "purl": "pkg:oci/kam-delivery-rhel8@sha256:dd6b5013139815f60509703f6fc414974451ad73f7c93f758a8e98bf487606b4?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.9.4-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/must-gather-rhel8@sha256:793f9cd70553423d340ce703ec639dca2bdb84748a2a0ec49477f602b9d2ef99_amd64", "product": { "name": 
"openshift-gitops-1/must-gather-rhel8@sha256:793f9cd70553423d340ce703ec639dca2bdb84748a2a0ec49477f602b9d2ef99_amd64", "product_id": "openshift-gitops-1/must-gather-rhel8@sha256:793f9cd70553423d340ce703ec639dca2bdb84748a2a0ec49477f602b9d2ef99_amd64", "product_identification_helper": { "purl": "pkg:oci/must-gather-rhel8@sha256:793f9cd70553423d340ce703ec639dca2bdb84748a2a0ec49477f602b9d2ef99?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.9.4-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-operator-bundle@sha256:27efa0ab1d9c69047a924bc1dcd2b56108f5f390a6da56afb6ab7a37cb4578e2_amd64", "product": { "name": "openshift-gitops-1/gitops-operator-bundle@sha256:27efa0ab1d9c69047a924bc1dcd2b56108f5f390a6da56afb6ab7a37cb4578e2_amd64", "product_id": "openshift-gitops-1/gitops-operator-bundle@sha256:27efa0ab1d9c69047a924bc1dcd2b56108f5f390a6da56afb6ab7a37cb4578e2_amd64", "product_identification_helper": { "purl": "pkg:oci/gitops-operator-bundle@sha256:27efa0ab1d9c69047a924bc1dcd2b56108f5f390a6da56afb6ab7a37cb4578e2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-operator-bundle\u0026tag=v1.9.4-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:3da9453e99b7515c0e23ceab208c98d26c98eadd521cb6c470d8b1b5eb7057e0_amd64", "product": { "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:3da9453e99b7515c0e23ceab208c98d26c98eadd521cb6c470d8b1b5eb7057e0_amd64", "product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:3da9453e99b7515c0e23ceab208c98d26c98eadd521cb6c470d8b1b5eb7057e0_amd64", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8-operator@sha256:3da9453e99b7515c0e23ceab208c98d26c98eadd521cb6c470d8b1b5eb7057e0?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.9.4-1" } } } ], "category": "architecture", "name": "amd64" }, { "branches": [ { "category": 
"product_version", "name": "openshift-gitops-1/argocd-rhel8@sha256:218da32ea9eb21533976f1d8348b46e64a878e2703e562e33e3b43a57c81a2e1_ppc64le", "product": { "name": "openshift-gitops-1/argocd-rhel8@sha256:218da32ea9eb21533976f1d8348b46e64a878e2703e562e33e3b43a57c81a2e1_ppc64le", "product_id": "openshift-gitops-1/argocd-rhel8@sha256:218da32ea9eb21533976f1d8348b46e64a878e2703e562e33e3b43a57c81a2e1_ppc64le", "product_identification_helper": { "purl": "pkg:oci/argocd-rhel8@sha256:218da32ea9eb21533976f1d8348b46e64a878e2703e562e33e3b43a57c81a2e1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.9.4-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:34d14cedc2ecd941f1ad4d38bce019a723283d78add071ff4d36e85a10815e2a_ppc64le", "product": { "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:34d14cedc2ecd941f1ad4d38bce019a723283d78add071ff4d36e85a10815e2a_ppc64le", "product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:34d14cedc2ecd941f1ad4d38bce019a723283d78add071ff4d36e85a10815e2a_ppc64le", "product_identification_helper": { "purl": "pkg:oci/argo-rollouts-rhel8@sha256:34d14cedc2ecd941f1ad4d38bce019a723283d78add071ff4d36e85a10815e2a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.9.4-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/console-plugin-rhel8@sha256:a39ddb1efd87a6d2032b83aa4a0afa0f51b5d125d212bc341d59242448badec5_ppc64le", "product": { "name": "openshift-gitops-1/console-plugin-rhel8@sha256:a39ddb1efd87a6d2032b83aa4a0afa0f51b5d125d212bc341d59242448badec5_ppc64le", "product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:a39ddb1efd87a6d2032b83aa4a0afa0f51b5d125d212bc341d59242448badec5_ppc64le", "product_identification_helper": { "purl": 
"pkg:oci/console-plugin-rhel8@sha256:a39ddb1efd87a6d2032b83aa4a0afa0f51b5d125d212bc341d59242448badec5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.9.4-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8@sha256:8fc8c324c3f9671dbb6102676fa11c3e5dbab5cb491ba83fbe31c203b2c87e58_ppc64le", "product": { "name": "openshift-gitops-1/gitops-rhel8@sha256:8fc8c324c3f9671dbb6102676fa11c3e5dbab5cb491ba83fbe31c203b2c87e58_ppc64le", "product_id": "openshift-gitops-1/gitops-rhel8@sha256:8fc8c324c3f9671dbb6102676fa11c3e5dbab5cb491ba83fbe31c203b2c87e58_ppc64le", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8@sha256:8fc8c324c3f9671dbb6102676fa11c3e5dbab5cb491ba83fbe31c203b2c87e58?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.9.4-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/dex-rhel8@sha256:d87f8baf652171fc9bae7818f9de36412f01bd3c0b4c32cbe6da56376d9cbb1e_ppc64le", "product": { "name": "openshift-gitops-1/dex-rhel8@sha256:d87f8baf652171fc9bae7818f9de36412f01bd3c0b4c32cbe6da56376d9cbb1e_ppc64le", "product_id": "openshift-gitops-1/dex-rhel8@sha256:d87f8baf652171fc9bae7818f9de36412f01bd3c0b4c32cbe6da56376d9cbb1e_ppc64le", "product_identification_helper": { "purl": "pkg:oci/dex-rhel8@sha256:d87f8baf652171fc9bae7818f9de36412f01bd3c0b4c32cbe6da56376d9cbb1e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.9.4-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:7eb085abd98c9e2ea3bea9a31dda02e852e425f743c57b829c1dea170d1840a8_ppc64le", "product": { "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:7eb085abd98c9e2ea3bea9a31dda02e852e425f743c57b829c1dea170d1840a8_ppc64le", "product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:7eb085abd98c9e2ea3bea9a31dda02e852e425f743c57b829c1dea170d1840a8_ppc64le", 
"product_identification_helper": { "purl": "pkg:oci/kam-delivery-rhel8@sha256:7eb085abd98c9e2ea3bea9a31dda02e852e425f743c57b829c1dea170d1840a8?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.9.4-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/must-gather-rhel8@sha256:32b44ea49cb194e826b2532ac3f11e0dcb7bbdf04cc2c4639590d610f9cf3d38_ppc64le", "product": { "name": "openshift-gitops-1/must-gather-rhel8@sha256:32b44ea49cb194e826b2532ac3f11e0dcb7bbdf04cc2c4639590d610f9cf3d38_ppc64le", "product_id": "openshift-gitops-1/must-gather-rhel8@sha256:32b44ea49cb194e826b2532ac3f11e0dcb7bbdf04cc2c4639590d610f9cf3d38_ppc64le", "product_identification_helper": { "purl": "pkg:oci/must-gather-rhel8@sha256:32b44ea49cb194e826b2532ac3f11e0dcb7bbdf04cc2c4639590d610f9cf3d38?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.9.4-1" } } }, { "category": "product_version", "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:412d9d2eec7c05923183621f62da212af1d133f2945c61f07fff2e45a8a8d068_ppc64le", "product": { "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:412d9d2eec7c05923183621f62da212af1d133f2945c61f07fff2e45a8a8d068_ppc64le", "product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:412d9d2eec7c05923183621f62da212af1d133f2945c61f07fff2e45a8a8d068_ppc64le", "product_identification_helper": { "purl": "pkg:oci/gitops-rhel8-operator@sha256:412d9d2eec7c05923183621f62da212af1d133f2945c61f07fff2e45a8a8d068?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.9.4-1" } } } ], "category": "architecture", "name": "ppc64le" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:34d14cedc2ecd941f1ad4d38bce019a723283d78add071ff4d36e85a10815e2a_ppc64le as a component of Red Hat 
OpenShift GitOps 1.9", "product_id": "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:34d14cedc2ecd941f1ad4d38bce019a723283d78add071ff4d36e85a10815e2a_ppc64le" }, "product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:34d14cedc2ecd941f1ad4d38bce019a723283d78add071ff4d36e85a10815e2a_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:bf88a002fcc9d1780b9a82595181f4425f14937d9117e6f5793d41695e400ebc_arm64 as a component of Red Hat OpenShift GitOps 1.9", "product_id": "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf88a002fcc9d1780b9a82595181f4425f14937d9117e6f5793d41695e400ebc_arm64" }, "product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:bf88a002fcc9d1780b9a82595181f4425f14937d9117e6f5793d41695e400ebc_arm64", "relates_to_product_reference": "8Base-GitOps-1.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:c3d3b382770538d7388bf23a10b1915f8fc254b9f76d18751089028a0ec947ff_s390x as a component of Red Hat OpenShift GitOps 1.9", "product_id": "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:c3d3b382770538d7388bf23a10b1915f8fc254b9f76d18751089028a0ec947ff_s390x" }, "product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:c3d3b382770538d7388bf23a10b1915f8fc254b9f76d18751089028a0ec947ff_s390x", "relates_to_product_reference": "8Base-GitOps-1.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:e259d73120a0611fbabdc93b4ee9a49eee6e8fa60841a4b7398b536a34bea5a9_amd64 as a component of Red Hat OpenShift GitOps 1.9", "product_id": "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:e259d73120a0611fbabdc93b4ee9a49eee6e8fa60841a4b7398b536a34bea5a9_amd64" }, "product_reference": 
"openshift-gitops-1/argo-rollouts-rhel8@sha256:e259d73120a0611fbabdc93b4ee9a49eee6e8fa60841a4b7398b536a34bea5a9_amd64", "relates_to_product_reference": "8Base-GitOps-1.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/argocd-rhel8@sha256:1072c8b7c1563b5b7c7eb29119ec97765c3e0dad267ad8800b8146cbe7336cc6_s390x as a component of Red Hat OpenShift GitOps 1.9", "product_id": "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:1072c8b7c1563b5b7c7eb29119ec97765c3e0dad267ad8800b8146cbe7336cc6_s390x" }, "product_reference": "openshift-gitops-1/argocd-rhel8@sha256:1072c8b7c1563b5b7c7eb29119ec97765c3e0dad267ad8800b8146cbe7336cc6_s390x", "relates_to_product_reference": "8Base-GitOps-1.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/argocd-rhel8@sha256:1cca6eda59e4ed1d409aa0ef039b524e58412422cc1f492c2bc515f5905ed516_arm64 as a component of Red Hat OpenShift GitOps 1.9", "product_id": "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:1cca6eda59e4ed1d409aa0ef039b524e58412422cc1f492c2bc515f5905ed516_arm64" }, "product_reference": "openshift-gitops-1/argocd-rhel8@sha256:1cca6eda59e4ed1d409aa0ef039b524e58412422cc1f492c2bc515f5905ed516_arm64", "relates_to_product_reference": "8Base-GitOps-1.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/argocd-rhel8@sha256:218da32ea9eb21533976f1d8348b46e64a878e2703e562e33e3b43a57c81a2e1_ppc64le as a component of Red Hat OpenShift GitOps 1.9", "product_id": "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:218da32ea9eb21533976f1d8348b46e64a878e2703e562e33e3b43a57c81a2e1_ppc64le" }, "product_reference": "openshift-gitops-1/argocd-rhel8@sha256:218da32ea9eb21533976f1d8348b46e64a878e2703e562e33e3b43a57c81a2e1_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.9" }, { "category": "default_component_of", "full_product_name": { "name": 
"openshift-gitops-1/argocd-rhel8@sha256:e96c6e5d7bf4ffc828a463e4f8f48f661ca8af5487de4ecbedba1e818933aebb_amd64 as a component of Red Hat OpenShift GitOps 1.9", "product_id": "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:e96c6e5d7bf4ffc828a463e4f8f48f661ca8af5487de4ecbedba1e818933aebb_amd64" }, "product_reference": "openshift-gitops-1/argocd-rhel8@sha256:e96c6e5d7bf4ffc828a463e4f8f48f661ca8af5487de4ecbedba1e818933aebb_amd64", "relates_to_product_reference": "8Base-GitOps-1.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/console-plugin-rhel8@sha256:4175e60402edd252b70a8762606760174aecb0463987bc307e59e0f842dc7976_amd64 as a component of Red Hat OpenShift GitOps 1.9", "product_id": "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:4175e60402edd252b70a8762606760174aecb0463987bc307e59e0f842dc7976_amd64" }, "product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:4175e60402edd252b70a8762606760174aecb0463987bc307e59e0f842dc7976_amd64", "relates_to_product_reference": "8Base-GitOps-1.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/console-plugin-rhel8@sha256:6a30cc9219b91d00524216523d1c45a4123b809c03a785d4ed4e20a8efc61e35_s390x as a component of Red Hat OpenShift GitOps 1.9", "product_id": "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:6a30cc9219b91d00524216523d1c45a4123b809c03a785d4ed4e20a8efc61e35_s390x" }, "product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:6a30cc9219b91d00524216523d1c45a4123b809c03a785d4ed4e20a8efc61e35_s390x", "relates_to_product_reference": "8Base-GitOps-1.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/console-plugin-rhel8@sha256:a39ddb1efd87a6d2032b83aa4a0afa0f51b5d125d212bc341d59242448badec5_ppc64le as a component of Red Hat OpenShift GitOps 1.9", "product_id": 
"8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:a39ddb1efd87a6d2032b83aa4a0afa0f51b5d125d212bc341d59242448badec5_ppc64le" }, "product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:a39ddb1efd87a6d2032b83aa4a0afa0f51b5d125d212bc341d59242448badec5_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/console-plugin-rhel8@sha256:f4dbcf9637738494a0906ab3da3e2935761ad2b1194a8f5797490b01523fa875_arm64 as a component of Red Hat OpenShift GitOps 1.9", "product_id": "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:f4dbcf9637738494a0906ab3da3e2935761ad2b1194a8f5797490b01523fa875_arm64" }, "product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:f4dbcf9637738494a0906ab3da3e2935761ad2b1194a8f5797490b01523fa875_arm64", "relates_to_product_reference": "8Base-GitOps-1.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/dex-rhel8@sha256:60b93bcaf87c4b277bbfc18a920d246363452e0f5b1156333312e5b737bbf381_amd64 as a component of Red Hat OpenShift GitOps 1.9", "product_id": "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:60b93bcaf87c4b277bbfc18a920d246363452e0f5b1156333312e5b737bbf381_amd64" }, "product_reference": "openshift-gitops-1/dex-rhel8@sha256:60b93bcaf87c4b277bbfc18a920d246363452e0f5b1156333312e5b737bbf381_amd64", "relates_to_product_reference": "8Base-GitOps-1.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/dex-rhel8@sha256:962c98496645544fba458f5862aa4bc8abf43c6c95021127c75a7f9f3a64aab0_s390x as a component of Red Hat OpenShift GitOps 1.9", "product_id": "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:962c98496645544fba458f5862aa4bc8abf43c6c95021127c75a7f9f3a64aab0_s390x" }, "product_reference": "openshift-gitops-1/dex-rhel8@sha256:962c98496645544fba458f5862aa4bc8abf43c6c95021127c75a7f9f3a64aab0_s390x", 
"relates_to_product_reference": "8Base-GitOps-1.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/dex-rhel8@sha256:c80e9ddfe27033af92d26aa16da7a2211bdca4a17d2d08adb6bb79aed39e693c_arm64 as a component of Red Hat OpenShift GitOps 1.9", "product_id": "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:c80e9ddfe27033af92d26aa16da7a2211bdca4a17d2d08adb6bb79aed39e693c_arm64" }, "product_reference": "openshift-gitops-1/dex-rhel8@sha256:c80e9ddfe27033af92d26aa16da7a2211bdca4a17d2d08adb6bb79aed39e693c_arm64", "relates_to_product_reference": "8Base-GitOps-1.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/dex-rhel8@sha256:d87f8baf652171fc9bae7818f9de36412f01bd3c0b4c32cbe6da56376d9cbb1e_ppc64le as a component of Red Hat OpenShift GitOps 1.9", "product_id": "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:d87f8baf652171fc9bae7818f9de36412f01bd3c0b4c32cbe6da56376d9cbb1e_ppc64le" }, "product_reference": "openshift-gitops-1/dex-rhel8@sha256:d87f8baf652171fc9bae7818f9de36412f01bd3c0b4c32cbe6da56376d9cbb1e_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-operator-bundle@sha256:27efa0ab1d9c69047a924bc1dcd2b56108f5f390a6da56afb6ab7a37cb4578e2_amd64 as a component of Red Hat OpenShift GitOps 1.9", "product_id": "8Base-GitOps-1.9:openshift-gitops-1/gitops-operator-bundle@sha256:27efa0ab1d9c69047a924bc1dcd2b56108f5f390a6da56afb6ab7a37cb4578e2_amd64" }, "product_reference": "openshift-gitops-1/gitops-operator-bundle@sha256:27efa0ab1d9c69047a924bc1dcd2b56108f5f390a6da56afb6ab7a37cb4578e2_amd64", "relates_to_product_reference": "8Base-GitOps-1.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:3da9453e99b7515c0e23ceab208c98d26c98eadd521cb6c470d8b1b5eb7057e0_amd64 as a component of Red Hat OpenShift GitOps 1.9", 
"product_id": "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:3da9453e99b7515c0e23ceab208c98d26c98eadd521cb6c470d8b1b5eb7057e0_amd64" }, "product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:3da9453e99b7515c0e23ceab208c98d26c98eadd521cb6c470d8b1b5eb7057e0_amd64", "relates_to_product_reference": "8Base-GitOps-1.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:412d9d2eec7c05923183621f62da212af1d133f2945c61f07fff2e45a8a8d068_ppc64le as a component of Red Hat OpenShift GitOps 1.9", "product_id": "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:412d9d2eec7c05923183621f62da212af1d133f2945c61f07fff2e45a8a8d068_ppc64le" }, "product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:412d9d2eec7c05923183621f62da212af1d133f2945c61f07fff2e45a8a8d068_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:b509f44121f29f65da9302ad916df9a6a65bb2e563c64f48f58347bd146a2960_s390x as a component of Red Hat OpenShift GitOps 1.9", "product_id": "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:b509f44121f29f65da9302ad916df9a6a65bb2e563c64f48f58347bd146a2960_s390x" }, "product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:b509f44121f29f65da9302ad916df9a6a65bb2e563c64f48f58347bd146a2960_s390x", "relates_to_product_reference": "8Base-GitOps-1.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:fbf6a44ccd0ea12d8d2e069203a5d7edcbb30e9724f781d43e3529fe0abb4798_arm64 as a component of Red Hat OpenShift GitOps 1.9", "product_id": "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:fbf6a44ccd0ea12d8d2e069203a5d7edcbb30e9724f781d43e3529fe0abb4798_arm64" }, "product_reference": 
"openshift-gitops-1/gitops-rhel8-operator@sha256:fbf6a44ccd0ea12d8d2e069203a5d7edcbb30e9724f781d43e3529fe0abb4798_arm64", "relates_to_product_reference": "8Base-GitOps-1.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-rhel8@sha256:0e589b8414b025e6bcbfba17590341c2143115885dcef479e8e68ac929ae3820_s390x as a component of Red Hat OpenShift GitOps 1.9", "product_id": "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:0e589b8414b025e6bcbfba17590341c2143115885dcef479e8e68ac929ae3820_s390x" }, "product_reference": "openshift-gitops-1/gitops-rhel8@sha256:0e589b8414b025e6bcbfba17590341c2143115885dcef479e8e68ac929ae3820_s390x", "relates_to_product_reference": "8Base-GitOps-1.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-rhel8@sha256:521c08653c7792317e5872c306b4e276da0d55237b9a7fa5c7ff615def846a61_amd64 as a component of Red Hat OpenShift GitOps 1.9", "product_id": "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:521c08653c7792317e5872c306b4e276da0d55237b9a7fa5c7ff615def846a61_amd64" }, "product_reference": "openshift-gitops-1/gitops-rhel8@sha256:521c08653c7792317e5872c306b4e276da0d55237b9a7fa5c7ff615def846a61_amd64", "relates_to_product_reference": "8Base-GitOps-1.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/gitops-rhel8@sha256:5a446497a5e9ea9e9ee6501e0664c22b410d8eaa8bf32c6b57e11a8a34dc534e_arm64 as a component of Red Hat OpenShift GitOps 1.9", "product_id": "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:5a446497a5e9ea9e9ee6501e0664c22b410d8eaa8bf32c6b57e11a8a34dc534e_arm64" }, "product_reference": "openshift-gitops-1/gitops-rhel8@sha256:5a446497a5e9ea9e9ee6501e0664c22b410d8eaa8bf32c6b57e11a8a34dc534e_arm64", "relates_to_product_reference": "8Base-GitOps-1.9" }, { "category": "default_component_of", "full_product_name": { "name": 
"openshift-gitops-1/gitops-rhel8@sha256:8fc8c324c3f9671dbb6102676fa11c3e5dbab5cb491ba83fbe31c203b2c87e58_ppc64le as a component of Red Hat OpenShift GitOps 1.9", "product_id": "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:8fc8c324c3f9671dbb6102676fa11c3e5dbab5cb491ba83fbe31c203b2c87e58_ppc64le" }, "product_reference": "openshift-gitops-1/gitops-rhel8@sha256:8fc8c324c3f9671dbb6102676fa11c3e5dbab5cb491ba83fbe31c203b2c87e58_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:66f047335f44ca1fdd69f38002bceb3d01b972c293b8bfdb768e072cda2d1283_s390x as a component of Red Hat OpenShift GitOps 1.9", "product_id": "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:66f047335f44ca1fdd69f38002bceb3d01b972c293b8bfdb768e072cda2d1283_s390x" }, "product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:66f047335f44ca1fdd69f38002bceb3d01b972c293b8bfdb768e072cda2d1283_s390x", "relates_to_product_reference": "8Base-GitOps-1.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:6751faddc6fad904c7e9b72118fd90b9b3c818522e17f2bbd7acf99d2613f59a_arm64 as a component of Red Hat OpenShift GitOps 1.9", "product_id": "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:6751faddc6fad904c7e9b72118fd90b9b3c818522e17f2bbd7acf99d2613f59a_arm64" }, "product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:6751faddc6fad904c7e9b72118fd90b9b3c818522e17f2bbd7acf99d2613f59a_arm64", "relates_to_product_reference": "8Base-GitOps-1.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:7eb085abd98c9e2ea3bea9a31dda02e852e425f743c57b829c1dea170d1840a8_ppc64le as a component of Red Hat OpenShift GitOps 1.9", "product_id": 
"8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:7eb085abd98c9e2ea3bea9a31dda02e852e425f743c57b829c1dea170d1840a8_ppc64le" }, "product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:7eb085abd98c9e2ea3bea9a31dda02e852e425f743c57b829c1dea170d1840a8_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/kam-delivery-rhel8@sha256:dd6b5013139815f60509703f6fc414974451ad73f7c93f758a8e98bf487606b4_amd64 as a component of Red Hat OpenShift GitOps 1.9", "product_id": "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:dd6b5013139815f60509703f6fc414974451ad73f7c93f758a8e98bf487606b4_amd64" }, "product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:dd6b5013139815f60509703f6fc414974451ad73f7c93f758a8e98bf487606b4_amd64", "relates_to_product_reference": "8Base-GitOps-1.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/must-gather-rhel8@sha256:32b44ea49cb194e826b2532ac3f11e0dcb7bbdf04cc2c4639590d610f9cf3d38_ppc64le as a component of Red Hat OpenShift GitOps 1.9", "product_id": "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:32b44ea49cb194e826b2532ac3f11e0dcb7bbdf04cc2c4639590d610f9cf3d38_ppc64le" }, "product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:32b44ea49cb194e826b2532ac3f11e0dcb7bbdf04cc2c4639590d610f9cf3d38_ppc64le", "relates_to_product_reference": "8Base-GitOps-1.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/must-gather-rhel8@sha256:623c6f082189daa2b4af5750acaaa856ece5926ba10e62f99678fe103239c124_s390x as a component of Red Hat OpenShift GitOps 1.9", "product_id": "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:623c6f082189daa2b4af5750acaaa856ece5926ba10e62f99678fe103239c124_s390x" }, "product_reference": 
"openshift-gitops-1/must-gather-rhel8@sha256:623c6f082189daa2b4af5750acaaa856ece5926ba10e62f99678fe103239c124_s390x", "relates_to_product_reference": "8Base-GitOps-1.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/must-gather-rhel8@sha256:793f9cd70553423d340ce703ec639dca2bdb84748a2a0ec49477f602b9d2ef99_amd64 as a component of Red Hat OpenShift GitOps 1.9", "product_id": "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:793f9cd70553423d340ce703ec639dca2bdb84748a2a0ec49477f602b9d2ef99_amd64" }, "product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:793f9cd70553423d340ce703ec639dca2bdb84748a2a0ec49477f602b9d2ef99_amd64", "relates_to_product_reference": "8Base-GitOps-1.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-gitops-1/must-gather-rhel8@sha256:7de4cb6db7d0792022f92af68cb9ea7290b3b471ef298c27c0a890cf6847eab3_arm64 as a component of Red Hat OpenShift GitOps 1.9", "product_id": "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:7de4cb6db7d0792022f92af68cb9ea7290b3b471ef298c27c0a890cf6847eab3_arm64" }, "product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:7de4cb6db7d0792022f92af68cb9ea7290b3b471ef298c27c0a890cf6847eab3_arm64", "relates_to_product_reference": "8Base-GitOps-1.9" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-49568", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2024-01-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2258165" } ], "notes": [ { "category": "description", "text": "A denial of service (DoS) vulnerability was found in the go library go-git. 
This issue may allow an attacker to perform denial of service attacks by providing specially crafted responses from a Git server, which can trigger resource exhaustion in go-git clients.", "title": "Vulnerability description" }, { "category": "summary", "text": "go-git: Maliciously crafted Git server replies can cause DoS on go-git clients", "title": "Vulnerability summary" }, { "category": "other", "text": "This problem only affects the go implementation and not the original git cli code. Applications using only in-memory filesystems are not affected by this issue. Clients should be limited to connect to only trusted git servers to reduce the risk of compromise.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:34d14cedc2ecd941f1ad4d38bce019a723283d78add071ff4d36e85a10815e2a_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf88a002fcc9d1780b9a82595181f4425f14937d9117e6f5793d41695e400ebc_arm64", "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:c3d3b382770538d7388bf23a10b1915f8fc254b9f76d18751089028a0ec947ff_s390x", "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:e259d73120a0611fbabdc93b4ee9a49eee6e8fa60841a4b7398b536a34bea5a9_amd64", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:1072c8b7c1563b5b7c7eb29119ec97765c3e0dad267ad8800b8146cbe7336cc6_s390x", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:1cca6eda59e4ed1d409aa0ef039b524e58412422cc1f492c2bc515f5905ed516_arm64", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:218da32ea9eb21533976f1d8348b46e64a878e2703e562e33e3b43a57c81a2e1_ppc64le", 
"8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:e96c6e5d7bf4ffc828a463e4f8f48f661ca8af5487de4ecbedba1e818933aebb_amd64", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:4175e60402edd252b70a8762606760174aecb0463987bc307e59e0f842dc7976_amd64", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:6a30cc9219b91d00524216523d1c45a4123b809c03a785d4ed4e20a8efc61e35_s390x", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:a39ddb1efd87a6d2032b83aa4a0afa0f51b5d125d212bc341d59242448badec5_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:f4dbcf9637738494a0906ab3da3e2935761ad2b1194a8f5797490b01523fa875_arm64", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:60b93bcaf87c4b277bbfc18a920d246363452e0f5b1156333312e5b737bbf381_amd64", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:962c98496645544fba458f5862aa4bc8abf43c6c95021127c75a7f9f3a64aab0_s390x", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:c80e9ddfe27033af92d26aa16da7a2211bdca4a17d2d08adb6bb79aed39e693c_arm64", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:d87f8baf652171fc9bae7818f9de36412f01bd3c0b4c32cbe6da56376d9cbb1e_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/gitops-operator-bundle@sha256:27efa0ab1d9c69047a924bc1dcd2b56108f5f390a6da56afb6ab7a37cb4578e2_amd64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:3da9453e99b7515c0e23ceab208c98d26c98eadd521cb6c470d8b1b5eb7057e0_amd64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:412d9d2eec7c05923183621f62da212af1d133f2945c61f07fff2e45a8a8d068_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:b509f44121f29f65da9302ad916df9a6a65bb2e563c64f48f58347bd146a2960_s390x", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:fbf6a44ccd0ea12d8d2e069203a5d7edcbb30e9724f781d43e3529fe0abb4798_arm64", 
"8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:0e589b8414b025e6bcbfba17590341c2143115885dcef479e8e68ac929ae3820_s390x", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:521c08653c7792317e5872c306b4e276da0d55237b9a7fa5c7ff615def846a61_amd64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:5a446497a5e9ea9e9ee6501e0664c22b410d8eaa8bf32c6b57e11a8a34dc534e_arm64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:8fc8c324c3f9671dbb6102676fa11c3e5dbab5cb491ba83fbe31c203b2c87e58_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:66f047335f44ca1fdd69f38002bceb3d01b972c293b8bfdb768e072cda2d1283_s390x", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:6751faddc6fad904c7e9b72118fd90b9b3c818522e17f2bbd7acf99d2613f59a_arm64", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:7eb085abd98c9e2ea3bea9a31dda02e852e425f743c57b829c1dea170d1840a8_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:dd6b5013139815f60509703f6fc414974451ad73f7c93f758a8e98bf487606b4_amd64", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:32b44ea49cb194e826b2532ac3f11e0dcb7bbdf04cc2c4639590d610f9cf3d38_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:623c6f082189daa2b4af5750acaaa856ece5926ba10e62f99678fe103239c124_s390x", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:793f9cd70553423d340ce703ec639dca2bdb84748a2a0ec49477f602b9d2ef99_amd64", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:7de4cb6db7d0792022f92af68cb9ea7290b3b471ef298c27c0a890cf6847eab3_arm64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-49568" }, { "category": "external", "summary": "RHBZ#2258165", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258165" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-49568", "url": 
"https://www.cve.org/CVERecord?id=CVE-2023-49568" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-49568", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49568" }, { "category": "external", "summary": "https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r", "url": "https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r" } ], "release_date": "2023-12-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-05T20:30:07+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:34d14cedc2ecd941f1ad4d38bce019a723283d78add071ff4d36e85a10815e2a_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf88a002fcc9d1780b9a82595181f4425f14937d9117e6f5793d41695e400ebc_arm64", "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:c3d3b382770538d7388bf23a10b1915f8fc254b9f76d18751089028a0ec947ff_s390x", "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:e259d73120a0611fbabdc93b4ee9a49eee6e8fa60841a4b7398b536a34bea5a9_amd64", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:1072c8b7c1563b5b7c7eb29119ec97765c3e0dad267ad8800b8146cbe7336cc6_s390x", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:1cca6eda59e4ed1d409aa0ef039b524e58412422cc1f492c2bc515f5905ed516_arm64", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:218da32ea9eb21533976f1d8348b46e64a878e2703e562e33e3b43a57c81a2e1_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:e96c6e5d7bf4ffc828a463e4f8f48f661ca8af5487de4ecbedba1e818933aebb_amd64", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:4175e60402edd252b70a8762606760174aecb0463987bc307e59e0f842dc7976_amd64", 
"8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:6a30cc9219b91d00524216523d1c45a4123b809c03a785d4ed4e20a8efc61e35_s390x", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:a39ddb1efd87a6d2032b83aa4a0afa0f51b5d125d212bc341d59242448badec5_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:f4dbcf9637738494a0906ab3da3e2935761ad2b1194a8f5797490b01523fa875_arm64", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:60b93bcaf87c4b277bbfc18a920d246363452e0f5b1156333312e5b737bbf381_amd64", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:962c98496645544fba458f5862aa4bc8abf43c6c95021127c75a7f9f3a64aab0_s390x", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:c80e9ddfe27033af92d26aa16da7a2211bdca4a17d2d08adb6bb79aed39e693c_arm64", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:d87f8baf652171fc9bae7818f9de36412f01bd3c0b4c32cbe6da56376d9cbb1e_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/gitops-operator-bundle@sha256:27efa0ab1d9c69047a924bc1dcd2b56108f5f390a6da56afb6ab7a37cb4578e2_amd64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:3da9453e99b7515c0e23ceab208c98d26c98eadd521cb6c470d8b1b5eb7057e0_amd64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:412d9d2eec7c05923183621f62da212af1d133f2945c61f07fff2e45a8a8d068_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:b509f44121f29f65da9302ad916df9a6a65bb2e563c64f48f58347bd146a2960_s390x", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:fbf6a44ccd0ea12d8d2e069203a5d7edcbb30e9724f781d43e3529fe0abb4798_arm64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:0e589b8414b025e6bcbfba17590341c2143115885dcef479e8e68ac929ae3820_s390x", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:521c08653c7792317e5872c306b4e276da0d55237b9a7fa5c7ff615def846a61_amd64", 
"8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:5a446497a5e9ea9e9ee6501e0664c22b410d8eaa8bf32c6b57e11a8a34dc534e_arm64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:8fc8c324c3f9671dbb6102676fa11c3e5dbab5cb491ba83fbe31c203b2c87e58_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:66f047335f44ca1fdd69f38002bceb3d01b972c293b8bfdb768e072cda2d1283_s390x", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:6751faddc6fad904c7e9b72118fd90b9b3c818522e17f2bbd7acf99d2613f59a_arm64", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:7eb085abd98c9e2ea3bea9a31dda02e852e425f743c57b829c1dea170d1840a8_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:dd6b5013139815f60509703f6fc414974451ad73f7c93f758a8e98bf487606b4_amd64", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:32b44ea49cb194e826b2532ac3f11e0dcb7bbdf04cc2c4639590d610f9cf3d38_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:623c6f082189daa2b4af5750acaaa856ece5926ba10e62f99678fe103239c124_s390x", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:793f9cd70553423d340ce703ec639dca2bdb84748a2a0ec49477f602b9d2ef99_amd64", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:7de4cb6db7d0792022f92af68cb9ea7290b3b471ef298c27c0a890cf6847eab3_arm64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0691" }, { "category": "workaround", "details": "In cases where a bump to the latest version of go-git is not possible, a recommendation to reduce the exposure of this threat is limiting its use to only trust-worthy Git servers.", "product_ids": [ "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:34d14cedc2ecd941f1ad4d38bce019a723283d78add071ff4d36e85a10815e2a_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf88a002fcc9d1780b9a82595181f4425f14937d9117e6f5793d41695e400ebc_arm64", 
"8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:c3d3b382770538d7388bf23a10b1915f8fc254b9f76d18751089028a0ec947ff_s390x", "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:e259d73120a0611fbabdc93b4ee9a49eee6e8fa60841a4b7398b536a34bea5a9_amd64", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:1072c8b7c1563b5b7c7eb29119ec97765c3e0dad267ad8800b8146cbe7336cc6_s390x", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:1cca6eda59e4ed1d409aa0ef039b524e58412422cc1f492c2bc515f5905ed516_arm64", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:218da32ea9eb21533976f1d8348b46e64a878e2703e562e33e3b43a57c81a2e1_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:e96c6e5d7bf4ffc828a463e4f8f48f661ca8af5487de4ecbedba1e818933aebb_amd64", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:4175e60402edd252b70a8762606760174aecb0463987bc307e59e0f842dc7976_amd64", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:6a30cc9219b91d00524216523d1c45a4123b809c03a785d4ed4e20a8efc61e35_s390x", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:a39ddb1efd87a6d2032b83aa4a0afa0f51b5d125d212bc341d59242448badec5_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:f4dbcf9637738494a0906ab3da3e2935761ad2b1194a8f5797490b01523fa875_arm64", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:60b93bcaf87c4b277bbfc18a920d246363452e0f5b1156333312e5b737bbf381_amd64", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:962c98496645544fba458f5862aa4bc8abf43c6c95021127c75a7f9f3a64aab0_s390x", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:c80e9ddfe27033af92d26aa16da7a2211bdca4a17d2d08adb6bb79aed39e693c_arm64", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:d87f8baf652171fc9bae7818f9de36412f01bd3c0b4c32cbe6da56376d9cbb1e_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/gitops-operator-bundle@sha256:27efa0ab1d9c69047a924bc1dcd2b56108f5f390a6da56afb6ab7a37cb4578e2_amd64", 
"8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:3da9453e99b7515c0e23ceab208c98d26c98eadd521cb6c470d8b1b5eb7057e0_amd64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:412d9d2eec7c05923183621f62da212af1d133f2945c61f07fff2e45a8a8d068_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:b509f44121f29f65da9302ad916df9a6a65bb2e563c64f48f58347bd146a2960_s390x", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:fbf6a44ccd0ea12d8d2e069203a5d7edcbb30e9724f781d43e3529fe0abb4798_arm64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:0e589b8414b025e6bcbfba17590341c2143115885dcef479e8e68ac929ae3820_s390x", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:521c08653c7792317e5872c306b4e276da0d55237b9a7fa5c7ff615def846a61_amd64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:5a446497a5e9ea9e9ee6501e0664c22b410d8eaa8bf32c6b57e11a8a34dc534e_arm64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:8fc8c324c3f9671dbb6102676fa11c3e5dbab5cb491ba83fbe31c203b2c87e58_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:66f047335f44ca1fdd69f38002bceb3d01b972c293b8bfdb768e072cda2d1283_s390x", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:6751faddc6fad904c7e9b72118fd90b9b3c818522e17f2bbd7acf99d2613f59a_arm64", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:7eb085abd98c9e2ea3bea9a31dda02e852e425f743c57b829c1dea170d1840a8_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:dd6b5013139815f60509703f6fc414974451ad73f7c93f758a8e98bf487606b4_amd64", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:32b44ea49cb194e826b2532ac3f11e0dcb7bbdf04cc2c4639590d610f9cf3d38_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:623c6f082189daa2b4af5750acaaa856ece5926ba10e62f99678fe103239c124_s390x", 
"8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:793f9cd70553423d340ce703ec639dca2bdb84748a2a0ec49477f602b9d2ef99_amd64", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:7de4cb6db7d0792022f92af68cb9ea7290b3b471ef298c27c0a890cf6847eab3_arm64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:34d14cedc2ecd941f1ad4d38bce019a723283d78add071ff4d36e85a10815e2a_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf88a002fcc9d1780b9a82595181f4425f14937d9117e6f5793d41695e400ebc_arm64", "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:c3d3b382770538d7388bf23a10b1915f8fc254b9f76d18751089028a0ec947ff_s390x", "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:e259d73120a0611fbabdc93b4ee9a49eee6e8fa60841a4b7398b536a34bea5a9_amd64", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:1072c8b7c1563b5b7c7eb29119ec97765c3e0dad267ad8800b8146cbe7336cc6_s390x", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:1cca6eda59e4ed1d409aa0ef039b524e58412422cc1f492c2bc515f5905ed516_arm64", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:218da32ea9eb21533976f1d8348b46e64a878e2703e562e33e3b43a57c81a2e1_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:e96c6e5d7bf4ffc828a463e4f8f48f661ca8af5487de4ecbedba1e818933aebb_amd64", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:4175e60402edd252b70a8762606760174aecb0463987bc307e59e0f842dc7976_amd64", 
"8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:6a30cc9219b91d00524216523d1c45a4123b809c03a785d4ed4e20a8efc61e35_s390x", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:a39ddb1efd87a6d2032b83aa4a0afa0f51b5d125d212bc341d59242448badec5_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:f4dbcf9637738494a0906ab3da3e2935761ad2b1194a8f5797490b01523fa875_arm64", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:60b93bcaf87c4b277bbfc18a920d246363452e0f5b1156333312e5b737bbf381_amd64", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:962c98496645544fba458f5862aa4bc8abf43c6c95021127c75a7f9f3a64aab0_s390x", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:c80e9ddfe27033af92d26aa16da7a2211bdca4a17d2d08adb6bb79aed39e693c_arm64", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:d87f8baf652171fc9bae7818f9de36412f01bd3c0b4c32cbe6da56376d9cbb1e_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/gitops-operator-bundle@sha256:27efa0ab1d9c69047a924bc1dcd2b56108f5f390a6da56afb6ab7a37cb4578e2_amd64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:3da9453e99b7515c0e23ceab208c98d26c98eadd521cb6c470d8b1b5eb7057e0_amd64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:412d9d2eec7c05923183621f62da212af1d133f2945c61f07fff2e45a8a8d068_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:b509f44121f29f65da9302ad916df9a6a65bb2e563c64f48f58347bd146a2960_s390x", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:fbf6a44ccd0ea12d8d2e069203a5d7edcbb30e9724f781d43e3529fe0abb4798_arm64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:0e589b8414b025e6bcbfba17590341c2143115885dcef479e8e68ac929ae3820_s390x", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:521c08653c7792317e5872c306b4e276da0d55237b9a7fa5c7ff615def846a61_amd64", 
"8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:5a446497a5e9ea9e9ee6501e0664c22b410d8eaa8bf32c6b57e11a8a34dc534e_arm64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:8fc8c324c3f9671dbb6102676fa11c3e5dbab5cb491ba83fbe31c203b2c87e58_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:66f047335f44ca1fdd69f38002bceb3d01b972c293b8bfdb768e072cda2d1283_s390x", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:6751faddc6fad904c7e9b72118fd90b9b3c818522e17f2bbd7acf99d2613f59a_arm64", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:7eb085abd98c9e2ea3bea9a31dda02e852e425f743c57b829c1dea170d1840a8_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:dd6b5013139815f60509703f6fc414974451ad73f7c93f758a8e98bf487606b4_amd64", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:32b44ea49cb194e826b2532ac3f11e0dcb7bbdf04cc2c4639590d610f9cf3d38_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:623c6f082189daa2b4af5750acaaa856ece5926ba10e62f99678fe103239c124_s390x", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:793f9cd70553423d340ce703ec639dca2bdb84748a2a0ec49477f602b9d2ef99_amd64", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:7de4cb6db7d0792022f92af68cb9ea7290b3b471ef298c27c0a890cf6847eab3_arm64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "go-git: Maliciously crafted Git server replies can cause DoS on go-git clients" }, { "cve": "CVE-2024-22424", "cwe": { "id": "CWE-352", "name": "Cross-Site Request Forgery (CSRF)" }, "discovery_date": "2024-01-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2259105" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Argo CD API before versions 2.10-rc2, 2.9.4, 2.8.8, and 2.7.15. 
These versions are vulnerable to a Cross-server request forgery (CSRF) attack when the attacker can write HTML to a page on the same parent domain as Argo CD. A CSRF attack works by tricking an authenticated Argo CD user into loading a web page that contains code to call Argo CD API endpoints on the victim\u2019s behalf.", "title": "Vulnerability description" }, { "category": "summary", "text": "argo-cd: vulnerable to a cross-server request forgery (CSRF) attack", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:34d14cedc2ecd941f1ad4d38bce019a723283d78add071ff4d36e85a10815e2a_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf88a002fcc9d1780b9a82595181f4425f14937d9117e6f5793d41695e400ebc_arm64", "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:c3d3b382770538d7388bf23a10b1915f8fc254b9f76d18751089028a0ec947ff_s390x", "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:e259d73120a0611fbabdc93b4ee9a49eee6e8fa60841a4b7398b536a34bea5a9_amd64", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:1072c8b7c1563b5b7c7eb29119ec97765c3e0dad267ad8800b8146cbe7336cc6_s390x", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:1cca6eda59e4ed1d409aa0ef039b524e58412422cc1f492c2bc515f5905ed516_arm64", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:218da32ea9eb21533976f1d8348b46e64a878e2703e562e33e3b43a57c81a2e1_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:e96c6e5d7bf4ffc828a463e4f8f48f661ca8af5487de4ecbedba1e818933aebb_amd64", 
"8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:4175e60402edd252b70a8762606760174aecb0463987bc307e59e0f842dc7976_amd64", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:6a30cc9219b91d00524216523d1c45a4123b809c03a785d4ed4e20a8efc61e35_s390x", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:a39ddb1efd87a6d2032b83aa4a0afa0f51b5d125d212bc341d59242448badec5_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:f4dbcf9637738494a0906ab3da3e2935761ad2b1194a8f5797490b01523fa875_arm64", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:60b93bcaf87c4b277bbfc18a920d246363452e0f5b1156333312e5b737bbf381_amd64", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:962c98496645544fba458f5862aa4bc8abf43c6c95021127c75a7f9f3a64aab0_s390x", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:c80e9ddfe27033af92d26aa16da7a2211bdca4a17d2d08adb6bb79aed39e693c_arm64", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:d87f8baf652171fc9bae7818f9de36412f01bd3c0b4c32cbe6da56376d9cbb1e_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/gitops-operator-bundle@sha256:27efa0ab1d9c69047a924bc1dcd2b56108f5f390a6da56afb6ab7a37cb4578e2_amd64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:3da9453e99b7515c0e23ceab208c98d26c98eadd521cb6c470d8b1b5eb7057e0_amd64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:412d9d2eec7c05923183621f62da212af1d133f2945c61f07fff2e45a8a8d068_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:b509f44121f29f65da9302ad916df9a6a65bb2e563c64f48f58347bd146a2960_s390x", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:fbf6a44ccd0ea12d8d2e069203a5d7edcbb30e9724f781d43e3529fe0abb4798_arm64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:0e589b8414b025e6bcbfba17590341c2143115885dcef479e8e68ac929ae3820_s390x", 
"8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:521c08653c7792317e5872c306b4e276da0d55237b9a7fa5c7ff615def846a61_amd64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:5a446497a5e9ea9e9ee6501e0664c22b410d8eaa8bf32c6b57e11a8a34dc534e_arm64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:8fc8c324c3f9671dbb6102676fa11c3e5dbab5cb491ba83fbe31c203b2c87e58_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:66f047335f44ca1fdd69f38002bceb3d01b972c293b8bfdb768e072cda2d1283_s390x", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:6751faddc6fad904c7e9b72118fd90b9b3c818522e17f2bbd7acf99d2613f59a_arm64", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:7eb085abd98c9e2ea3bea9a31dda02e852e425f743c57b829c1dea170d1840a8_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:dd6b5013139815f60509703f6fc414974451ad73f7c93f758a8e98bf487606b4_amd64", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:32b44ea49cb194e826b2532ac3f11e0dcb7bbdf04cc2c4639590d610f9cf3d38_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:623c6f082189daa2b4af5750acaaa856ece5926ba10e62f99678fe103239c124_s390x", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:793f9cd70553423d340ce703ec639dca2bdb84748a2a0ec49477f602b9d2ef99_amd64", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:7de4cb6db7d0792022f92af68cb9ea7290b3b471ef298c27c0a890cf6847eab3_arm64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-22424" }, { "category": "external", "summary": "RHBZ#2259105", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259105" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-22424", "url": "https://www.cve.org/CVERecord?id=CVE-2024-22424" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-22424", "url": 
"https://nvd.nist.gov/vuln/detail/CVE-2024-22424" }, { "category": "external", "summary": "https://github.com/argoproj/argo-cd/issues/2496", "url": "https://github.com/argoproj/argo-cd/issues/2496" }, { "category": "external", "summary": "https://github.com/argoproj/argo-cd/pull/16860", "url": "https://github.com/argoproj/argo-cd/pull/16860" }, { "category": "external", "summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-92mw-q256-5vwg", "url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-92mw-q256-5vwg" } ], "release_date": "2024-01-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-05T20:30:07+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:34d14cedc2ecd941f1ad4d38bce019a723283d78add071ff4d36e85a10815e2a_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf88a002fcc9d1780b9a82595181f4425f14937d9117e6f5793d41695e400ebc_arm64", "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:c3d3b382770538d7388bf23a10b1915f8fc254b9f76d18751089028a0ec947ff_s390x", "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:e259d73120a0611fbabdc93b4ee9a49eee6e8fa60841a4b7398b536a34bea5a9_amd64", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:1072c8b7c1563b5b7c7eb29119ec97765c3e0dad267ad8800b8146cbe7336cc6_s390x", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:1cca6eda59e4ed1d409aa0ef039b524e58412422cc1f492c2bc515f5905ed516_arm64", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:218da32ea9eb21533976f1d8348b46e64a878e2703e562e33e3b43a57c81a2e1_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:e96c6e5d7bf4ffc828a463e4f8f48f661ca8af5487de4ecbedba1e818933aebb_amd64", 
"8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:4175e60402edd252b70a8762606760174aecb0463987bc307e59e0f842dc7976_amd64", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:6a30cc9219b91d00524216523d1c45a4123b809c03a785d4ed4e20a8efc61e35_s390x", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:a39ddb1efd87a6d2032b83aa4a0afa0f51b5d125d212bc341d59242448badec5_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:f4dbcf9637738494a0906ab3da3e2935761ad2b1194a8f5797490b01523fa875_arm64", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:60b93bcaf87c4b277bbfc18a920d246363452e0f5b1156333312e5b737bbf381_amd64", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:962c98496645544fba458f5862aa4bc8abf43c6c95021127c75a7f9f3a64aab0_s390x", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:c80e9ddfe27033af92d26aa16da7a2211bdca4a17d2d08adb6bb79aed39e693c_arm64", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:d87f8baf652171fc9bae7818f9de36412f01bd3c0b4c32cbe6da56376d9cbb1e_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/gitops-operator-bundle@sha256:27efa0ab1d9c69047a924bc1dcd2b56108f5f390a6da56afb6ab7a37cb4578e2_amd64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:3da9453e99b7515c0e23ceab208c98d26c98eadd521cb6c470d8b1b5eb7057e0_amd64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:412d9d2eec7c05923183621f62da212af1d133f2945c61f07fff2e45a8a8d068_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:b509f44121f29f65da9302ad916df9a6a65bb2e563c64f48f58347bd146a2960_s390x", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:fbf6a44ccd0ea12d8d2e069203a5d7edcbb30e9724f781d43e3529fe0abb4798_arm64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:0e589b8414b025e6bcbfba17590341c2143115885dcef479e8e68ac929ae3820_s390x", 
"8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:521c08653c7792317e5872c306b4e276da0d55237b9a7fa5c7ff615def846a61_amd64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:5a446497a5e9ea9e9ee6501e0664c22b410d8eaa8bf32c6b57e11a8a34dc534e_arm64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:8fc8c324c3f9671dbb6102676fa11c3e5dbab5cb491ba83fbe31c203b2c87e58_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:66f047335f44ca1fdd69f38002bceb3d01b972c293b8bfdb768e072cda2d1283_s390x", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:6751faddc6fad904c7e9b72118fd90b9b3c818522e17f2bbd7acf99d2613f59a_arm64", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:7eb085abd98c9e2ea3bea9a31dda02e852e425f743c57b829c1dea170d1840a8_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:dd6b5013139815f60509703f6fc414974451ad73f7c93f758a8e98bf487606b4_amd64", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:32b44ea49cb194e826b2532ac3f11e0dcb7bbdf04cc2c4639590d610f9cf3d38_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:623c6f082189daa2b4af5750acaaa856ece5926ba10e62f99678fe103239c124_s390x", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:793f9cd70553423d340ce703ec639dca2bdb84748a2a0ec49477f602b9d2ef99_amd64", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:7de4cb6db7d0792022f92af68cb9ea7290b3b471ef298c27c0a890cf6847eab3_arm64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0691" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ 
"8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:34d14cedc2ecd941f1ad4d38bce019a723283d78add071ff4d36e85a10815e2a_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf88a002fcc9d1780b9a82595181f4425f14937d9117e6f5793d41695e400ebc_arm64", "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:c3d3b382770538d7388bf23a10b1915f8fc254b9f76d18751089028a0ec947ff_s390x", "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:e259d73120a0611fbabdc93b4ee9a49eee6e8fa60841a4b7398b536a34bea5a9_amd64", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:1072c8b7c1563b5b7c7eb29119ec97765c3e0dad267ad8800b8146cbe7336cc6_s390x", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:1cca6eda59e4ed1d409aa0ef039b524e58412422cc1f492c2bc515f5905ed516_arm64", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:218da32ea9eb21533976f1d8348b46e64a878e2703e562e33e3b43a57c81a2e1_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:e96c6e5d7bf4ffc828a463e4f8f48f661ca8af5487de4ecbedba1e818933aebb_amd64", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:4175e60402edd252b70a8762606760174aecb0463987bc307e59e0f842dc7976_amd64", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:6a30cc9219b91d00524216523d1c45a4123b809c03a785d4ed4e20a8efc61e35_s390x", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:a39ddb1efd87a6d2032b83aa4a0afa0f51b5d125d212bc341d59242448badec5_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:f4dbcf9637738494a0906ab3da3e2935761ad2b1194a8f5797490b01523fa875_arm64", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:60b93bcaf87c4b277bbfc18a920d246363452e0f5b1156333312e5b737bbf381_amd64", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:962c98496645544fba458f5862aa4bc8abf43c6c95021127c75a7f9f3a64aab0_s390x", 
"8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:c80e9ddfe27033af92d26aa16da7a2211bdca4a17d2d08adb6bb79aed39e693c_arm64", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:d87f8baf652171fc9bae7818f9de36412f01bd3c0b4c32cbe6da56376d9cbb1e_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/gitops-operator-bundle@sha256:27efa0ab1d9c69047a924bc1dcd2b56108f5f390a6da56afb6ab7a37cb4578e2_amd64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:3da9453e99b7515c0e23ceab208c98d26c98eadd521cb6c470d8b1b5eb7057e0_amd64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:412d9d2eec7c05923183621f62da212af1d133f2945c61f07fff2e45a8a8d068_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:b509f44121f29f65da9302ad916df9a6a65bb2e563c64f48f58347bd146a2960_s390x", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:fbf6a44ccd0ea12d8d2e069203a5d7edcbb30e9724f781d43e3529fe0abb4798_arm64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:0e589b8414b025e6bcbfba17590341c2143115885dcef479e8e68ac929ae3820_s390x", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:521c08653c7792317e5872c306b4e276da0d55237b9a7fa5c7ff615def846a61_amd64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:5a446497a5e9ea9e9ee6501e0664c22b410d8eaa8bf32c6b57e11a8a34dc534e_arm64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:8fc8c324c3f9671dbb6102676fa11c3e5dbab5cb491ba83fbe31c203b2c87e58_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:66f047335f44ca1fdd69f38002bceb3d01b972c293b8bfdb768e072cda2d1283_s390x", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:6751faddc6fad904c7e9b72118fd90b9b3c818522e17f2bbd7acf99d2613f59a_arm64", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:7eb085abd98c9e2ea3bea9a31dda02e852e425f743c57b829c1dea170d1840a8_ppc64le", 
"8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:dd6b5013139815f60509703f6fc414974451ad73f7c93f758a8e98bf487606b4_amd64", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:32b44ea49cb194e826b2532ac3f11e0dcb7bbdf04cc2c4639590d610f9cf3d38_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:623c6f082189daa2b4af5750acaaa856ece5926ba10e62f99678fe103239c124_s390x", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:793f9cd70553423d340ce703ec639dca2bdb84748a2a0ec49477f602b9d2ef99_amd64", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:7de4cb6db7d0792022f92af68cb9ea7290b3b471ef298c27c0a890cf6847eab3_arm64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "argo-cd: vulnerable to a cross-server request forgery (CSRF) attack" } ] }
ghsa-92mw-q256-5vwg
Vulnerability from github
Impact
The Argo CD API prior to versions 2.10-rc2, 2.9.4, 2.8.8, and 2.7.16 is vulnerable to a cross-site request forgery (CSRF) attack when the attacker has the ability to write HTML to a page on the same parent domain as Argo CD.
A CSRF attack works by tricking an authenticated Argo CD user into loading a web page which contains code to call Argo CD API endpoints on the victim’s behalf. For example, an attacker could send an Argo CD user a link to a page which looks harmless but in the background calls an Argo CD API endpoint to create an application running malicious code.
Argo CD uses the “Lax” SameSite cookie policy to prevent CSRF attacks where the attacker controls an external domain. The malicious external website can attempt to call the Argo CD API, but the web browser will refuse to send the Argo CD auth token with the request.
Many companies host Argo CD on an internal subdomain, such as https://argo-cd.internal.example.com. If an attacker can place malicious code on, for example, https://test.internal.example.com/, they can still perform a CSRF attack. In this case, the “Lax” SameSite cookie does not prevent the browser from sending the auth cookie, because the destination is a parent domain of the Argo CD API.
Browsers generally block such attacks by applying CORS policies to sensitive requests with sensitive content types. Specifically, browsers will send a “preflight request” for POSTs with content type “application/json” asking the destination API “are you allowed to accept requests from my domain?” If the destination API does not answer “yes,” the browser will block the request.
Before the patched versions, Argo CD did not validate that requests contained the correct content type header. So an attacker could bypass the browser’s CORS check by setting the content type to something which is considered “not sensitive” such as “text/plain.” The browser wouldn’t send the preflight request, and Argo CD would happily accept the contents (which are actually still JSON) and perform the requested action (such as running malicious code).
Patches
A patch for this vulnerability has been released in the following Argo CD versions:
- 2.10-rc2
- 2.9.4
- 2.8.8
- 2.7.16
🚨 The patch contains a breaking API change. 🚨 The Argo CD API will no longer accept non-GET requests which do not specify application/json as their Content-Type. The accepted content types list is configurable, and it is possible (but discouraged) to disable the content type check completely.
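The content-type check described above can be sketched as HTTP middleware. This is an added example, not Argo CD's own code: `enforceContentTypes`, `createApp`, `probe` and the `/api/example` path are hypothetical names, and treating an empty allow-list as "check disabled" is an assumption made here to mirror the discouraged opt-out.

```go
package main

import (
	"encoding/json"
	"fmt"
	"mime"
	"net/http"
	"net/http/httptest"
	"strings"
)

// enforceContentTypes rejects every non-GET request whose Content-Type is not
// in allowed. Following the advisory's wording, only GET is exempt, so HEAD
// and OPTIONS are checked too. An empty allowed list disables the check
// (assumption of this example).
func enforceContentTypes(next http.Handler, allowed []string) http.Handler {
	set := make(map[string]bool, len(allowed))
	for _, ct := range allowed {
		set[strings.ToLower(strings.TrimSpace(ct))] = true
	}
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if len(set) == 0 || r.Method == http.MethodGet {
			next.ServeHTTP(w, r)
			return
		}
		// ParseMediaType drops parameters such as "; charset=utf-8" and
		// lower-cases the type; a missing or malformed header is an error.
		mediaType, _, err := mime.ParseMediaType(r.Header.Get("Content-Type"))
		if err != nil || !set[mediaType] {
			http.Error(w, "unsupported content type", http.StatusUnsupportedMediaType)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// createApp stands in for a state-changing API endpoint. Like the unpatched
// behaviour the advisory describes, it decodes the body as JSON no matter
// which Content-Type the request declares.
func createApp(w http.ResponseWriter, r *http.Request) {
	var req struct {
		Name string `json:"name"`
	}
	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
		http.Error(w, "bad request", http.StatusBadRequest)
		return
	}
	fmt.Fprintf(w, "created %s", req.Name)
}

// probe sends one constructed request (JSON body, caller-chosen method and
// Content-Type) to h and returns the HTTP status code.
func probe(h http.Handler, method, contentType string) int {
	req := httptest.NewRequest(method, "/api/example", strings.NewReader(`{"name":"demo"}`))
	if contentType != "" {
		req.Header.Set("Content-Type", contentType)
	}
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, req)
	return rec.Code
}

func main() {
	raw := http.HandlerFunc(createApp)
	guarded := enforceContentTypes(raw, []string{"application/json"})

	cases := []struct{ method, contentType string }{
		{"POST", "text/plain"},                      // no preflight is triggered for this type
		{"POST", "application/json; charset=utf-8"}, // legitimate API client
		{"POST", ""},                                // header missing
		{"GET", ""},                                 // GET is exempt from the check
	}
	for _, c := range cases {
		fmt.Printf("%-5s %-34q unguarded=%d guarded=%d\n",
			c.method, c.contentType,
			probe(raw, c.method, c.contentType),
			probe(guarded, c.method, c.contentType))
	}
}
```

Clients that send JSON without declaring it get a 415 from the guarded handler, which is the breaking change the patch notes warn about.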
Workarounds
The only way to completely resolve the issue is to upgrade.
Credits
The Argo CD team would like to express their gratitude to An Trinh of Calif who reported the issue confidentially according to our guidelines and published a helpful blog post to describe the issue. We would also like to thank them for actively participating in the review for the patch.
References
- The problem was originally reported in a GitHub issue
{ "affected": [ { "package": { "ecosystem": "Go", "name": "github.com/argoproj/argo-cd" }, "ranges": [ { "events": [ { "introduced": "0.1.0" }, { "last_affected": "1.8.7" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "Go", "name": "github.com/argoproj/argo-cd/v2" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "2.7.16" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "Go", "name": "github.com/argoproj/argo-cd/v2" }, "ranges": [ { "events": [ { "introduced": "2.8.0-rc1" }, { "fixed": "2.8.8" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "Go", "name": "github.com/argoproj/argo-cd/v2" }, "ranges": [ { "events": [ { "introduced": "2.9.0-rc1" }, { "fixed": "2.9.4" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "Go", "name": "github.com/argoproj/argo-cd/v2" }, "ranges": [ { "events": [ { "introduced": "2.10.0-rc1" }, { "fixed": "2.10-rc2" } ], "type": "ECOSYSTEM" } ], "versions": [ "2.10.0-rc1" ] } ], "aliases": [ "CVE-2024-22424" ], "database_specific": { "cwe_ids": [ "CWE-352" ], "github_reviewed": true, "github_reviewed_at": "2024-01-19T20:37:53Z", "nvd_published_at": "2024-01-19T01:15:09Z", "severity": "HIGH" }, "details": "### Impact\n\nThe Argo CD API prior to versions 2.10-rc2, 2.9.4, 2.8.8, and 2.7.16 are vulnerable to a cross-server request forgery (CSRF) attack when the attacker has the ability to write HTML to a page on the same parent domain as Argo CD.\n\nA CSRF attack works by tricking an authenticated Argo CD user into loading a web page which contains code to call Argo CD API endpoints on the victim\u2019s behalf. For example, an attacker could send an Argo CD user a link to a page which looks harmless but in the background calls an Argo CD API endpoint to create an application running malicious code.\n\nArgo CD uses the \u201cLax\u201d SameSite cookie policy to prevent CSRF attacks where the attacker controls an external domain. 
The malicious external website can attempt to call the Argo CD API, but the web browser will refuse to send the Argo CD auth token with the request.\n\nMany companies host Argo CD on an internal subdomain, such as [https://argo-cd.internal.example.com](https://argo-cd.example.com/). If an attacker can place malicious code on, for example, https://test.internal.example.com/, they can still perform a CSRF attack. In this case, the \u201cLax\u201d SameSite cookie does not prevent the browser from sending the auth cookie, because the destination is a parent domain of the Argo CD API.\n\nBrowsers generally block such attacks by applying CORS policies to sensitive requests with sensitive content types. Specifically, browsers will send a \u201cpreflight request\u201d for POSTs with content type \u201capplication/json\u201d asking the destination API \u201care you allowed to accept requests from my domain?\u201d If the destination API does not answer \u201cyes,\u201d the browser will block the request.\n\nBefore the patched versions, Argo CD did not validate that requests contained the correct content type header. So an attacker could bypass the browser\u2019s CORS check by setting the content type to something which is considered \u201cnot sensitive\u201d such as \u201ctext/plain.\u201d The browser wouldn\u2019t send the preflight request, and Argo CD would happily accept the contents (which are actually still JSON) and perform the requested action (such as running malicious code).\n\n### Patches\n\nA patch for this vulnerability has been released in the following Argo CD versions:\n\n* 2.10-rc2\n* 2.9.4\n* 2.8.8\n* 2.7.16\n\n\ud83d\udea8 **The patch contains a breaking API change.** \ud83d\udea8 The Argo CD API will no longer accept non-GET requests which do not specify application/json as their Content-Type. 
The accepted content types list is configurable, and it is possible (but discouraged) to disable the content type check completely.\n\n### Workarounds\n\nThe only way to completely resolve the issue is to upgrade.\n\n### Credits\n\nThe Argo CD team would like to express their gratitude to An Trinh of [Calif](https://calif.io/) who reported the issue confidentially according to our [guidelines](https://github.com/argoproj/argo-cd/blob/master/SECURITY.md#reporting-a-vulnerability) and published a helpful [blog post](https://blog.calif.io/p/argo-cd-csrf) to describe the issue. We would also like to thank them for actively participating in the review for the patch.\n\n### References\n\n* The problem was originally reported in a [GitHub issue](https://github.com/argoproj/argo-cd/issues/2496)", "id": "GHSA-92mw-q256-5vwg", "modified": "2024-01-19T20:37:53Z", "published": "2024-01-19T20:37:53Z", "references": [ { "type": "WEB", "url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-92mw-q256-5vwg" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22424" }, { "type": "WEB", "url": "https://github.com/argoproj/argo-cd/issues/2496" }, { "type": "WEB", "url": "https://github.com/argoproj/argo-cd/pull/16860" }, { "type": "WEB", "url": "https://github.com/argoproj/argo-cd/commit/0b459f224b3186707809be8240dfc3a6028f42a0" }, { "type": "WEB", "url": "https://github.com/argoproj/argo-cd/commit/13fe3ca589f6f2ded6001ce114e354602ed058b3" }, { "type": "WEB", "url": "https://github.com/argoproj/argo-cd/commit/3c5878ecf41581942281e9c95745f073bdfbf9c3" }, { "type": "WEB", "url": "https://github.com/argoproj/argo-cd/commit/f569aa105e0fe5940bc736c68e2fc90ee4a6ed94" }, { "type": "PACKAGE", "url": "https://github.com/argoproj/argo-cd" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "type": "CVSS_V3" } ], "summary": "github.com/argoproj/argo-cd Cross-Site Request Forgery vulnerability" }
wid-sec-w-2024-0697
Vulnerability from csaf_certbund
Notes
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Red Hat OpenShift ist eine \"Platform as a Service\" (PaaS) L\u00f6sung zur Bereitstellung von Applikationen in der Cloud.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Red Hat OpenShift ausnutzen, um Sicherheitsvorkehrungen zu umgehen.", "title": "Angriff" }, { "category": "general", "text": "- Linux", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2024-0697 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0697.json" }, { "category": "self", "summary": "WID-SEC-2024-0697 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0697" }, { "category": "external", "summary": "Security Advisory vom 2024-03-24", "url": "https://access.redhat.com/errata/RHSA-2024:0689" }, { "category": "external", "summary": "Security Advisory vom 2024-03-24", "url": "https://access.redhat.com/errata/RHSA-2024:0691" }, { "category": "external", "summary": "Security Advisory vom 2024-03-24", "url": "https://access.redhat.com/errata/RHSA-2024:0692" } ], 
"source_lang": "en-US", "title": "Red Hat OpenShift: Schwachstelle erm\u00f6glicht Umgehen von Sicherheitsvorkehrungen", "tracking": { "current_release_date": "2024-03-24T23:00:00.000+00:00", "generator": { "date": "2024-03-25T09:51:00.364+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2024-0697", "initial_release_date": "2024-03-24T23:00:00.000+00:00", "revision_history": [ { "date": "2024-03-24T23:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c GitOps 1.9", "product": { "name": "Red Hat OpenShift \u003c GitOps 1.9", "product_id": "T028023", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:gitops_1.9" } } }, { "category": "product_version_range", "name": "\u003c GitOps 1.10.2", "product": { "name": "Red Hat OpenShift \u003c GitOps 1.10.2", "product_id": "T033629", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:gitops_1.10.2" } } }, { "category": "product_version_range", "name": "\u003c GitOps 1.11.1", "product": { "name": "Red Hat OpenShift \u003c GitOps 1.11.1", "product_id": "T033637", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:gitops_1.11.1" } } } ], "category": "product_name", "name": "OpenShift" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2024-22424", "notes": [ { "category": "description", "text": "Es besteht eine Schwachstelle in Red Hat OpenShift. Dieser Fehler besteht im Argo CD API-Modul der GitOps-Komponente aufgrund eines unzureichenden CSRF-Schutzes, der es erm\u00f6glicht, die CORS-Pr\u00fcfung des Browsers zu umgehen. 
Indem ein authentifizierter Argo-CD-Benutzer dazu gebracht wird, eine Webseite im Namen des Opfers zu laden, die Code zum Aufrufen von Argo-CD-API-Endpunkten enth\u00e4lt, kann ein entfernter, anonymer Angreifer diese Schwachstelle ausnutzen, um die Sicherheitsma\u00dfnahmen zu umgehen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion." } ], "release_date": "2024-03-24T23:00:00Z", "title": "CVE-2024-22424" } ] }
gsd-2024-22424
Vulnerability from gsd
{ "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2024-22424" ], "details": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. The Argo CD API prior to versions 2.10-rc2, 2.9.4, 2.8.8, and 2.7.15 are vulnerable to a cross-server request forgery (CSRF) attack when the attacker has the ability to write HTML to a page on the same parent domain as Argo CD. A CSRF attack works by tricking an authenticated Argo CD user into loading a web page which contains code to call Argo CD API endpoints on the victim\u2019s behalf. For example, an attacker could send an Argo CD user a link to a page which looks harmless but in the background calls an Argo CD API endpoint to create an application running malicious code. Argo CD uses the \u201cLax\u201d SameSite cookie policy to prevent CSRF attacks where the attacker controls an external domain. The malicious external website can attempt to call the Argo CD API, but the web browser will refuse to send the Argo CD auth token with the request. Many companies host Argo CD on an internal subdomain. If an attacker can place malicious code on, for example, https://test.internal.example.com/, they can still perform a CSRF attack. In this case, the \u201cLax\u201d SameSite cookie does not prevent the browser from sending the auth cookie, because the destination is a parent domain of the Argo CD API. Browsers generally block such attacks by applying CORS policies to sensitive requests with sensitive content types. Specifically, browsers will send a \u201cpreflight request\u201d for POSTs with content type \u201capplication/json\u201d asking the destination API \u201care you allowed to accept requests from my domain?\u201d If the destination API does not answer \u201cyes,\u201d the browser will block the request. 
Before the patched versions, Argo CD did not validate that requests contained the correct content type header. So an attacker could bypass the browser\u2019s CORS check by setting the content type to something which is considered \u201cnot sensitive\u201d such as \u201ctext/plain.\u201d The browser wouldn\u2019t send the preflight request, and Argo CD would happily accept the contents (which are actually still JSON) and perform the requested action (such as running malicious code). A patch for this vulnerability has been released in the following Argo CD versions: 2.10-rc2, 2.9.4, 2.8.8, and 2.7.15. The patch contains a breaking API change. The Argo CD API will no longer accept non-GET requests which do not specify application/json as their Content-Type. The accepted content types list is configurable, and it is possible (but discouraged) to disable the content type check completely. Users are advised to upgrade. There are no known workarounds for this vulnerability.", "id": "GSD-2024-22424", "modified": "2024-01-11T06:02:11.785618Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "security-advisories@github.com", "ID": "CVE-2024-22424", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "argo-cd", "version": { "version_data": [ { "version_affected": "=", "version_value": "\u003e= 0.1.0, \u003c 2.7.15" }, { "version_affected": "=", "version_value": "\u003e= 2.8.0, \u003c 2.8.8" }, { "version_affected": "=", "version_value": "\u003e= 2.9.0, \u003c 2.9.4" }, { "version_affected": "=", "version_value": "\u003e= 2.10.0-rc1, \u003c 2.10-rc2" } ] } } ] }, "vendor_name": "argoproj" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. 
The Argo CD API prior to versions 2.10-rc2, 2.9.4, 2.8.8, and 2.7.15 are vulnerable to a cross-server request forgery (CSRF) attack when the attacker has the ability to write HTML to a page on the same parent domain as Argo CD. A CSRF attack works by tricking an authenticated Argo CD user into loading a web page which contains code to call Argo CD API endpoints on the victim\u2019s behalf. For example, an attacker could send an Argo CD user a link to a page which looks harmless but in the background calls an Argo CD API endpoint to create an application running malicious code. Argo CD uses the \u201cLax\u201d SameSite cookie policy to prevent CSRF attacks where the attacker controls an external domain. The malicious external website can attempt to call the Argo CD API, but the web browser will refuse to send the Argo CD auth token with the request. Many companies host Argo CD on an internal subdomain. If an attacker can place malicious code on, for example, https://test.internal.example.com/, they can still perform a CSRF attack. In this case, the \u201cLax\u201d SameSite cookie does not prevent the browser from sending the auth cookie, because the destination is a parent domain of the Argo CD API. Browsers generally block such attacks by applying CORS policies to sensitive requests with sensitive content types. Specifically, browsers will send a \u201cpreflight request\u201d for POSTs with content type \u201capplication/json\u201d asking the destination API \u201care you allowed to accept requests from my domain?\u201d If the destination API does not answer \u201cyes,\u201d the browser will block the request. Before the patched versions, Argo CD did not validate that requests contained the correct content type header. 
So an attacker could bypass the browser\u2019s CORS check by setting the content type to something which is considered \u201cnot sensitive\u201d such as \u201ctext/plain.\u201d The browser wouldn\u2019t send the preflight request, and Argo CD would happily accept the contents (which are actually still JSON) and perform the requested action (such as running malicious code). A patch for this vulnerability has been released in the following Argo CD versions: 2.10-rc2, 2.9.4, 2.8.8, and 2.7.15. The patch contains a breaking API change. The Argo CD API will no longer accept non-GET requests which do not specify application/json as their Content-Type. The accepted content types list is configurable, and it is possible (but discouraged) to disable the content type check completely. Users are advised to upgrade. There are no known workarounds for this vulnerability." } ] }, "impact": { "cvss": [ { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "cweId": "CWE-352", "lang": "eng", "value": "CWE-352: Cross-Site Request Forgery (CSRF)" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-92mw-q256-5vwg", "refsource": "MISC", "url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-92mw-q256-5vwg" }, { "name": "https://github.com/argoproj/argo-cd/issues/2496", "refsource": "MISC", "url": "https://github.com/argoproj/argo-cd/issues/2496" }, { "name": "https://github.com/argoproj/argo-cd/pull/16860", "refsource": "MISC", "url": "https://github.com/argoproj/argo-cd/pull/16860" } ] }, "source": { "advisory": "GHSA-92mw-q256-5vwg", "discovery": 
"UNKNOWN" } }, "nvd.nist.gov": { "cve": { "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:linuxfoundation:argo-cd:*:*:*:*:*:*:*:*", "matchCriteriaId": "D7E1C1DF-F7F5-472D-A429-797D45E1492D", "versionEndExcluding": "2.7.16", "versionStartIncluding": "0.1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:linuxfoundation:argo-cd:*:*:*:*:*:*:*:*", "matchCriteriaId": "CD960A01-17B6-4898-9DD2-6EF300AC2ECD", "versionEndExcluding": "2.8.8", "versionStartIncluding": "2.8.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:linuxfoundation:argo-cd:*:*:*:*:*:*:*:*", "matchCriteriaId": "7CAE51AB-775C-4A7F-B747-55E7412A921B", "versionEndExcluding": "2.9.4", "versionStartIncluding": "2.9.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:linuxfoundation:argo-cd:2.10.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "8006BF15-444F-4E23-9EF7-82AEC9C6CBED", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "descriptions": [ { "lang": "en", "value": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. The Argo CD API prior to versions 2.10-rc2, 2.9.4, 2.8.8, and 2.7.15 are vulnerable to a cross-server request forgery (CSRF) attack when the attacker has the ability to write HTML to a page on the same parent domain as Argo CD. A CSRF attack works by tricking an authenticated Argo CD user into loading a web page which contains code to call Argo CD API endpoints on the victim\u2019s behalf. For example, an attacker could send an Argo CD user a link to a page which looks harmless but in the background calls an Argo CD API endpoint to create an application running malicious code. Argo CD uses the \u201cLax\u201d SameSite cookie policy to prevent CSRF attacks where the attacker controls an external domain. The malicious external website can attempt to call the Argo CD API, but the web browser will refuse to send the Argo CD auth token with the request. Many companies host Argo CD on an internal subdomain. 
If an attacker can place malicious code on, for example, https://test.internal.example.com/, they can still perform a CSRF attack. In this case, the \u201cLax\u201d SameSite cookie does not prevent the browser from sending the auth cookie, because the destination is a parent domain of the Argo CD API. Browsers generally block such attacks by applying CORS policies to sensitive requests with sensitive content types. Specifically, browsers will send a \u201cpreflight request\u201d for POSTs with content type \u201capplication/json\u201d asking the destination API \u201care you allowed to accept requests from my domain?\u201d If the destination API does not answer \u201cyes,\u201d the browser will block the request. Before the patched versions, Argo CD did not validate that requests contained the correct content type header. So an attacker could bypass the browser\u2019s CORS check by setting the content type to something which is considered \u201cnot sensitive\u201d such as \u201ctext/plain.\u201d The browser wouldn\u2019t send the preflight request, and Argo CD would happily accept the contents (which are actually still JSON) and perform the requested action (such as running malicious code). A patch for this vulnerability has been released in the following Argo CD versions: 2.10-rc2, 2.9.4, 2.8.8, and 2.7.15. The patch contains a breaking API change. The Argo CD API will no longer accept non-GET requests which do not specify application/json as their Content-Type. The accepted content types list is configurable, and it is possible (but discouraged) to disable the content type check completely. Users are advised to upgrade. There are no known workarounds for this vulnerability." }, { "lang": "es", "value": "Argo CD es una herramienta declarativa de entrega continua de GitOps para Kubernetes. 
La API de Argo CD anterior a las versiones 2.10-rc2, 2.9.4, 2.8.8 y 2.7.15 es vulnerable a un ataque de cross-server request forgery (CSRF) cuando el atacante tiene la capacidad de escribir HTML en una p\u00e1gina del mismo dominio principal que Argo CD. Un ataque CSRF funciona enga\u00f1ando a un usuario autenticado de Argo CD para que cargue una p\u00e1gina web que contiene c\u00f3digo para llamar a los endpoints de la API de Argo CD en nombre de la v\u00edctima. Por ejemplo, un atacante podr\u00eda enviar a un usuario de Argo CD un enlace a una p\u00e1gina que parece inofensiva pero que en segundo plano llama a un endpoint de la API de Argo CD para crear una aplicaci\u00f3n que ejecute c\u00f3digo malicioso. Argo CD utiliza la pol\u00edtica de cookies \"Lax\" de SameSite para evitar ataques CSRF en los que el atacante controla un dominio externo. El sitio web externo malicioso puede intentar llamar a la API de Argo CD, pero el navegador web se negar\u00e1 a enviar el token de autenticaci\u00f3n de Argo CD con la solicitud. Muchas empresas alojan Argo CD en un subdominio interno. Si un atacante puede colocar c\u00f3digo malicioso, por ejemplo, en https://test.internal.example.com/, a\u00fan puede realizar un ataque CSRF. En este caso, la cookie SameSite \"Lax\" no impide que el navegador env\u00ede la cookie de autenticaci\u00f3n, porque el destino es un dominio principal de la API de Argo CD. Los navegadores generalmente bloquean este tipo de ataques aplicando pol\u00edticas CORS a solicitudes confidenciales con tipos de contenido confidenciales. Espec\u00edficamente, los navegadores enviar\u00e1n una \"solicitud de verificaci\u00f3n previa\" para POST con tipo de contenido \"application/json\" preguntando a la API de destino \"\u00bfpuede aceptar solicitudes de mi dominio?\" Si la API de destino no responde \"s\u00ed\", el navegador bloquear\u00e1 la solicitud. 
Antes de las versiones parcheadas, Argo CD no validaba que las solicitudes incluyeran el encabezado del tipo de contenido correcto. Por lo tanto, un atacante podr\u00eda eludir la verificaci\u00f3n CORS del navegador configurando el tipo de contenido en algo que se considere \"no sensible\", como \"texto/plano\". El navegador no enviar\u00eda la solicitud de verificaci\u00f3n previa y Argo CD aceptar\u00eda felizmente el contenido (que en realidad sigue siendo JSON) y realizar\u00eda la acci\u00f3n solicitada (como ejecutar c\u00f3digo malicioso). Se lanz\u00f3 un parche para esta vulnerabilidad en las siguientes versiones de Argo CD: 2.10-rc2, 2.9.4, 2.8.8 y 2.7.15. El parche contiene un cambio importante en la API. La API de Argo CD ya no aceptar\u00e1 solicitudes que no sean GET y que no especifiquen application/json como tipo de contenido. La lista de tipos de contenido aceptados es configurable y es posible (pero desaconsejado) desactivar completamente la verificaci\u00f3n del tipo de contenido. Se recomienda a los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad." 
} ], "id": "CVE-2024-22424", "lastModified": "2024-01-31T19:51:26.407", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.6, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary" }, { "cvssData": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.6, "impactScore": 6.0, "source": "security-advisories@github.com", "type": "Secondary" } ] }, "published": "2024-01-19T01:15:09.317", "references": [ { "source": "security-advisories@github.com", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/argoproj/argo-cd/issues/2496" }, { "source": "security-advisories@github.com", "tags": [ "Patch" ], "url": "https://github.com/argoproj/argo-cd/pull/16860" }, { "source": "security-advisories@github.com", "tags": [ "Vendor Advisory" ], "url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-92mw-q256-5vwg" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-352" } ], "source": "nvd@nist.gov", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-352" } ], "source": "security-advisories@github.com", "type": "Secondary" } ] } } } }